How will augmented reality drive change in cybersecurity?

Augmented reality is a powerful technology with far-reaching implications. That said, there’s one sector in which it hasn’t yet reached its full potential: Cybersecurity.  AR technology could bring about some incredibly positive changes, up to and including solving the talent shortage. 

I’d like you to imagine the following scenario. 

An automated intrusion detection system flags suspicious activity within a corporate network — an unknown user accessing files they should have no authorization for. After determining it’s something that merits human intervention, it sends a notification to a member of the organization’s cybersecurity team. So far, this sounds like business as usual, right? 

However, upon receiving it, they tap their smart glasses to display a visualization of the network displaying the specifics of what was compromised and how. They then proceed to share that visualization with other members of their team, collaborating on how to respond. This all happens in real-time, and all without requiring any face-to-face interaction. 

Not bad, right? That’s just one of many ways augmented reality has the potential to revolutionize the cybersecurity space. By superimposing digital information onto the physical world, businesses can unlock new workflows, streamline existing processes, and create new modes of interaction with enterprise technology.

The example above, of collaborative, interactive security,  is only the beginning. Another impressive change could come in the form of better, more comprehensive security training. A solution, in other words, for the looming cybersecurity talent shortage.

“Companies know they need to hire more security experts, but there aren’t enough experienced prospects in the pipeline,” writes Ron Schlecht, managing partner at BTB Security. “To change course, security organizations need to find faster training and better education programs. AR could be the answer.”

“Already used to train employees in the manufacturing and medical industries,” he continues, “AR system are a natural fit for cybersecurity training, [enabling] a level of visualization and information sharing that can accelerate the synthesis of information [and opening] new opportunities to gamify training and education programs.” 

Before we can enjoy the fruits of this potential, however, there’s the matter of securing the devices we’ll use to enable it. Wearable technology such as smart glasses represents a threat surface at least as large as that created by smartphones and tablets. And they’ll enter the workplace around the same time IoT devices start to proliferate in greater numbers. Given what they’ll be used for, this is more than a matter of them being used as access points, as well.

A clever criminal could theoretically use smart glasses to monitor an entire workplace. This could allow them to collect a wide range of data, including passwords, trade secrets, and network vulnerabilities. Moreover, the sheer volume of wearable devices coupled with IoT devices could lead to several massive botnets — larger even than Mirai.

There’s also the issue of the new data generated by wearable technology — audio and video recordings of employees, for instance. Determining what constitutes personal data and what constitutes corporate data with AR tools will be no mean feat. But it’s also a legal issue that needs to be addressed for AR to see widespread use.

Ultimately,  augmented reality has the potential to create far-reaching change in the cybersecurity space. It will streamline network monitoring and security, promote better collaboration, and help address the shortage of security talent through better training. There will be challenges, of course. But I have little doubt that we’ll overcome them.