KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
So the good thing is it are only four slides, so no desk by PowerPoint here. And that may help me staying in the time Matthias gave me or others have left for me, however ever you'd like to phrase it.
And I, I think securing the metaverse, this is definitely a very interesting topic and I think we, we really must fundamentally rethink cybersecurity because we, we, we still usually think thinking we we're an enterprise or an organization could be governmental, et cetera, and necessarily an enterprise. And we care for the security in our realm, but we don't have this realm anymore. We have decentralized identities. We are using in the future, whatever avatars, we have stuff on distributed ledgers, so it's distributed and we have this metaverse thing.
And so when we look at this, and I have a better version of the traffic on the next slide, so I go a bit more into detail on the next slide. Basically, the point is when we have these two terms, web three, which is very fuss and metaverse, which is equally fussy, then the challenge is, it's not, not a hundred percent defined yet, but one thing, sure, to my understanding, these decentralized identity is the glue of everything we are doing there. So decentralized identity is very, very much at the core. And that that is a very important point.
And so when I go to my, the next slide, I go bit deeper into that. So it's interesting when you ask whatever Che PT about web three in the Metaverse, by the way, you'll find LinkedIn, you will find a poem in the Shakespeare language about web three because I, I don't know what what has been driving me, but I, I asked Che PT about web three and then I said, Hey, how would Shakespeare Shakespeare's President Chet wrote a poem about web three, which was in some way quite funny, but, but it's still, still a bit fussy.
And I think this is the point we, we need to be, be clear about, there are things which are in web three, which sort of constitute this, which are things like the decentralized identity I'll touch in a minute, which are things like NFT, like blockchains, smart contracts, and all the other technologies which allow us to build a sort of a decentralized distributed approach for sort of this next generation of web three, which is used in certain areas, which is, is there, and when, when we talked then about metaverse, so, so the one thing for me that is sure is there will not be the metaverse, the metaverses, if you want to use the term.
I still don't like the term very much, but it's where, where things come into. So around this web reasoning, which are around augmented reality, very important use case by the way, also in practice already in many manufacturing organizations in science, et cetera, the avatars, we may use the AI powered stuff behind that.
So, so we will surely have the option to use avatars that act on behalf of us, but which by the way brings a, brings a lot of interesting challenges with it. So how do I limit what the avatar can do?
What, what happens if the avatar based on the AI does things I wouldn't do that way. Maybe the avatar behaves like I would behave and I just learn from it that I would be, that don't, don't behave like I would hope I behave.
So some, some interesting things around that. Surely the virtual worlds maybe or not, I think we, we surely will see, see a lot of evolution. Yesterday someone showed me the, the blueprint of, of glasses that don't look like these monstrous VR glasses, but they look more or less like that. Maybe a bit sicker here. And I think when we have something like that, then a lot of people will use it. But it's there.
It's, it's like, you know, like, like you have this heads up display on your car if you have the heads up display, so to speak in your classes for things and they augment you. And I think this is the point around ai, ai for me, we should always think about augmenting re intelligence. It's augmenting us, it's helping us doing things to do things better. That's where we use this stuff. And then it becomes a story.
But the point is then when we look at it from a security perspective, and I think this is a very important point, how do we handle security for something that is as fussy as this entire web three and metaverse thing is, my learning from, from a couple of years I'm in the industry is when something is complex and you want to, to address it, then best deconstruct it and look at the individual pieces like NFT security, like se security for smart contracts like securing blockchains, stuff like that.
And as I've said, then there's one element which is common to everything which is identity, which is decentralized identity. And then we can so to speak, reconstruct this when we want to, to secure it by bringing together all the pieces. And the good thing is the glue. So decentralized identity will be extremely important. We probably will have each of us more than one identity in that way because we, we act in different, so to speak, personas. But at the end this will be with the glue.
I personally believe that the, the, the most important thing is that we will have very few wallets, but we will need proof that we can use and exchange between the wallets and use them flexibly from different issuers. And then we have a, a unified identity.
We, we can unify the security controls, we can policy-based access, security, identity, governance, all these things we can done so to speak in a unified security across all these elements of web three and the metaverses. And there also the more it's then standards and, and unification, the more it's, it becomes interoperable, interchangeable that is needs to be done. And when we look at this, this metaverse thing, and I hope you can then read the next slide because I had some scribbles on hand, so to speak when I learned later this, this morning that I should step in for this talk.
As I've said, metaverse, it's not singular, it's plural. That's a very important thing.
You, you know, if you have trouble seeing it and you're sitting in the back, back lane, don't complain about it. So it, yeah, okay, just, just fair.
Yeah, I, I always try to have a slide with four point font size so that everyone has to move a bit closer to, to, to me, you know, old present presenter trick. Anyway, I, I think when we look at this metaverse thing then, then basically I, I believe we will, and to some extent we see we will have public and private on one hand. So we'll have public proprietary, like what meta to a certain extent tries to do these proprietary things are not very charming.
I, I believe you probably also may see sort of an open standard base approach here. And then we have private ones which are more targeted at the individuals and at business individuals, what we see in the gaming world, where we see a lot of these things already, but also where we have potentially use cases around traffic vehicles, retail, et cetera.
So, so new shopping experiences, stuff like that, that may emerge will emerge probably. And we have the ones that are used by one corporation or one organization and the ones which are used by multiple organizations. So the way you, you use virtual reality in your own lab, in your own manufacturing, that's the one thing where you have, so to speak, your own small metaverse for certain things at the industrial one. And then you have the ones where you work with other organizations potentially or on things where, where, where you maybe have the, and you could also imagine it for medicine.
So when you, you take to today's remote medicine and remote surgery to the next level, then, then it's some sort of industry metaverse application. It is something where you work with virtual realities, where you work remotely with different parties. And this is a very different thing I think, but yes, did twice that way, which means I still have 10 minutes now I have five I know answers that we'll have. Maybe even a government metaverse in Germany, probably not before the year 2,100 as fast as as we're moving.
And by the way, they're anyway run out of money, so it'll take a bit longer than, so that, that is a different story. But we will see many of these and I think this is very important to understand.
So, so what we have is, is in fact distributed technologies that allow us to, to go into, to virtual worlds, virtual use cases, new types of use cases backed by all this evolution we see, which is a, which allows new things to do. But what is important to my understanding is also we, we need then different types of governance. So we need a governance, which is a foundation for securing these things. So governance and security are in some way loosely related in governance.
Again, it's related to regulations. So it, it differs really for, and this is just rough thinking. So when I scribble these things, and it's usually something which so puzzles my mind and sometimes it's a good idea, sometimes not. So for public or and proprietary, there will be the law, the authorities, we need for, for public open it are the standard bodies plus the law plus the authorities potentially, which are on that governance end.
For individual ones, there might be indirectly some law like data protections, et cetera that says, okay, you know, you can't do that, but there's still certain types of regulations apply to you. Things that do, that's only one company like, like individual was this for instance gaming use case with data protection, et cetera or payments, things, et cetera that come into place. Standard regulation of impact. And I think the same happens for when you do do it in the business or in the governmental organization for, for one company than it's more the directing.
When multiple companies or multiple entities com work together, then like take the medicine case lake, take whatever engineering across multiple companies, things like that, then agreements come into play. And depending on the use case, certain types of regulations, laws and other authorities and government also should be by law.
So we, we will have a lot of incarnations there. There will be regulation, we need governance and we need to think about security and security. I think the only way we can tackle it is by understanding decentralized identities are at the core and if we solve the individual security challenges, we can come up with a unified security approach afterwards to secure the metaverse. But it's a radical diff radically different way of thinking because we're not thinking about sort of our own environment anymore usually, but about a distributed, decentralized, autonomous world. We need to secure.
And this is a very different way to traditional enterprise security. So that are trust some thoughts about metaverse and security. I hope that was at least sort of triggering some sorts at your end and some ideas back to Matthias.
