“In today’s constantly evolving security landscape, many enterprises struggle to determine how best to allocate their limited security resources,” said Mark Sage, Executive Director of AREA. “A Security Maturity Model supports enterprises planning to deploy AR solutions. Guidance from AR providers helps them understand where they need to be and how to invest in the right level of security—meeting their specific needs without overspending on unnecessary measures.”

The AREA provides two tools for AR Security Maturity Self-Assessment:

• The AR Security Maturity Self-Assessment –  The AR Maturity Self-Assessment is a questionnaire that aims to help you understand the current state of AR security within your organization, identify challenges, and gather insights into best practices. Based on your responses, we will provide recommendations to help your organization enhance its AR security maturity. All responses are confidential and used solely for recommendation purposes.
• The IoT Security Maturity Model: AR Profile. he AR Profile white paper defines and accounts for different levels of comprehensiveness and alignment with industry sectors and systems, including non-industrial systems. This document’s audience includes stakeholders concerned about the proper strategy for implementing mature security practices tailored to the needs and constraints of the specific IoT system.

The AR Security Maturity Self-Assessment survey and the IoT Security Maturity Model: AR Profile white paper are free to download. The AREA Security Committee authored this white paper. Become an AREA member.

About the AR for Enterprise Alliance (AREA)

The AR for Enterprise Alliance (AREA) is the only global membership-funded alliance helping to accelerate the adoption of enterprise AR by supporting the growth of a comprehensive ecosystem. The AREA accelerates AR adoption by creating a comprehensive ecosystem for enterprises, providers, and research institutions. AREA is a program of Object Management Group® (OMG®). For more information, visit the AREA website.

Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.

In 2015, cybercrime damage cost the world $3 trillion, according to one estimate. By 2021, that number is expected to grow to $6 trillion. So any enterprise contemplating new IT investments is paying particular attention to the security ramifications. AR is no exception. When introducing mobile, wearable AR systems to the enterprise, there is a high level of concern about data security. Headset and smart glasses designers are rarely data security experts, and their unconventional connected systems can represent new kinds of cyber threats to enterprise businesses.

The AREA recently commissioned an important study with Brainwaive LLC, headquartered in Huntsville, AL, to evaluate this mission-critical topic and help AREA members better understand and mitigate these risks. Tony Hodgson, CEO of Brainwaive – a cyber security and emerging technology advisory to enterprise clients – explained elements of the study.

“Initially, we’re creating the first-ever comprehensive report to identify and characterize the data security risks enterprise IT managers should be concerned about,” said Hodgson. “Our veteran cyber experts are then drawing from similar experiences they’ve had leading initiatives, such as development of the Industrial Internet Security Framework for IoT solutions (IISF) and IEEE data security standards, to create an AREA-branded Enterprise AR Security Framework.

We’re also creating a powerful AR Device Testing Protocol, so enterprise IT managers can thoroughly evaluate threat vectors and use-case suitability of different wearable AR systems.”

Also, AR device manufacturers will have new tools to evaluate their solutions before sending them into the marketplace.

“No one can eliminate all these evolving threats, but it will certainly help AR system developers sleep better at night knowing they’ve run their device through a comprehensive analysis to understand their defensive posture,” said Hodgson. “It will also provide them with a strong and supportable answer when clients ask, ‘How safe are your systems, anyway?’.”

Tony Hodgson is looking forward to making an impact with the research project.

“It’s exciting because AR-enabled systems are really beginning to emerge on the enterprise scene,” he said. “But the menagerie of devices and all the different ways they can be used presents new, invisible routes that malicious actors will take to dodge your defenses and infect your networks. This work sponsored by the AREA will certainly help companies understand what’s under the hood of these unique devices, so they can identify and mitigate these risks.”