Your MFA is deployed, your network is monitored, and your front doors are locked. And then someone walks around to the side of the building and knocks on an open window. That window is the browser, where 85 percent of knowledge work now happens.
The analogy that should make every security leader uncomfortable: Your organization has invested heavily in identity and access management, deployed MFA, built network monitoring, and run regular security training. Your front doors are locked. And then someone walks around to the side of the building and knocks on an open window. That window is the browser.
The democratisation of AI has done something that security professionals have been warning about for years: it has dramatically lowered the barrier to sophisticated attack. Threat actors who previously lacked the technical sophistication to run advanced exploits now have access to tools that do the complex work for them. A low-skill attacker can spin up an AI-assisted attack framework, query it for exploit strategies, and run automated scans across a target network with minimal effort and essentially no cost.
The statistics from a recent public sector security summit are worth sitting with.
That last number deserves particular attention. Under 30 minutes from a foothold to a persistent network presence, and that number is continuing to shrink as attackers automate more of the lateral movement process with AI assistance. The defenders' window to detect and contain a breach is narrowing at the same time that the attackers' capability is accelerating. These numbers exist in a world where the attacker increasingly has AI on their side. The defenders need to catch up.
Enterprise security strategy has historically been built around the network perimeter and the endpoint. Firewalls, intrusion detection, endpoint detection and response: these tools assume that the attacker is trying to get through a defined boundary, and that the security team has visibility into that boundary. That assumption has been quietly invalidating itself for the past five years as work moved to SaaS and the browser became the de facto enterprise operating environment.
The browser is not a managed endpoint in the traditional sense. Most enterprise browsers are consumer-grade applications with consumer-grade extension ecosystems, running work sessions that contain sensitive data, authenticated to critical SaaS platforms, on devices the security team may or may not fully control. For a majority of knowledge workers, 85 percent or more of their working day unfolds inside a browser window; and that window has been, for most organizations, a governance blind spot.
One case study from the summit illustrates how the threat surface has expanded beyond the technical into the social, and why controls built for an era of email phishing are no longer adequate.
A finance professional at a major institution received what appeared to be a legitimate video conference request. They followed their organization's verification procedures. Everyone on the call looked and sounded correct: voices matched, faces matched, context was consistent with an expected transaction. They processed a $25 million transfer. Every participant on the call was a deep fake, generated from publicly available video footage.
This is no longer theoretical. Voice cloning from a three-second audio clip is commercially available. Deep fake video quality has reached a point where trained professionals cannot reliably distinguish synthetic from authentic in a live call context. The organizational controls built for an email-phishing world (verify the sender, call back on a known number) do not map cleanly to a world where the attacker can convincingly impersonate a colleague on video in real time.
The organizational and policy implications are significant and largely unaddressed. Communication protocols, financial authorisation workflows, and identity verification procedures all need to be re-examined with this threat model explicitly in scope (not as a future concern, but as a current operating reality).
The enterprise browser concept addresses a specific architectural gap that has emerged as organizations shift workloads to cloud and SaaS. Traditional security tooling was built for environments where the security team had deep visibility into the infrastructure stack: network traffic, endpoint behaviour, server logs. In a SaaS-first environment, that visibility is substantially reduced. The team works with what they can see: often just the browser layer and whatever transaction logs the SaaS provider exposes.
An enterprise browser is a managed browser deployed with security controls baked in at the application level, not bolted on as a proxy or a plugin, but native to the session. It provides capabilities that standard commercial browsers do not, and that no amount of network-layer monitoring can replicate for browser-originated activity.
This capability is particularly consequential for organizations handling sensitive data. Employees who have access to citizen PII, case data, financial records, or sensitive programme information will inevitably experiment with AI tools on their own if organizational alternatives are not provided or are inconvenient. The question is not whether your employees are using AI; it is whether you can see which AI they are using and what data they are putting into it.
An enterprise browser can enforce which AI tools are permissible, block access to unauthorised models, and prevent the accidental or deliberate export of sensitive data to third-party LLMs. This is AI governance that operates at the point of action, not a policy document that lives in a SharePoint folder.
Extension risk is underestimated across the board. Third-party browser extensions request broad permissions (access to page content, clipboard data, network requests). A malicious or compromised extension installed by a single employee can silently exfiltrate data from every authenticated SaaS session that employee opens. Extension governance is not a convenience feature. It is a material control.
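The permission review that extension governance depends on can be made concrete. The script below, an added example rather than anything from the original article, triages Chromium-family (Chrome/Edge) extension manifests for exactly the three capabilities named above: page content, clipboard and network-request access. The two manifests are constructed samples and the risk weights are an illustrative assumption, not a vendor scoring scheme.

```python
"""Triage extension manifests for broad permissions (added example; constructed data)."""
import json

# Chromium MV3 permission names grouped by the capability they grant.
# Weights are an assumption used only to rank a review queue.
PERMISSION_RISK = {
    "page_content": ({"scripting", "tabs", "activeTab"}, 2),
    "clipboard":    ({"clipboardRead"}, 2),
    "network":      ({"webRequest", "webRequestBlocking", "declarativeNetRequest"}, 3),
    "session":      ({"cookies", "history", "management", "nativeMessaging"}, 3),
}
# Host patterns that grant access to every origin the user is signed in to.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def assess_manifest(manifest_json: str) -> dict:
    """Return flagged capabilities, whether host access is unscoped, and a total score."""
    m = json.loads(manifest_json)
    perms = set(m.get("permissions", [])) | set(m.get("optional_permissions", []))
    hosts = set(m.get("host_permissions", []))
    script_hosts = set()
    for cs in m.get("content_scripts", []):
        script_hosts |= set(cs.get("matches", []))
    flagged, score = [], 0
    for label, (names, weight) in PERMISSION_RISK.items():
        if perms & names:
            flagged.append(label)
            score += weight
    broad = bool((hosts | script_hosts) & BROAD_HOSTS)
    if broad:
        score += 3                      # unscoped hosts: every SaaS tab is in reach
    if script_hosts & BROAD_HOSTS and "page_content" not in flagged:
        flagged.append("page_content")  # an all-hosts content script reads every page
    return {"name": m.get("name", "?"), "flags": sorted(flagged),
            "broad_hosts": broad, "score": score}

def rank(manifests):
    """Order manifests by score, highest risk first, for an allowlist review."""
    return sorted((assess_manifest(s) for s in manifests), key=lambda r: -r["score"])

# Constructed samples: a tightly scoped helper and one with silent reach into every session.
SCOPED = json.dumps({"manifest_version": 3, "name": "Ticket Helper",
                     "permissions": ["storage"],
                     "host_permissions": ["https://helpdesk.example.com/*"]})
BROAD = json.dumps({"manifest_version": 3, "name": "Free PDF Tools",
                    "permissions": ["clipboardRead", "webRequest", "cookies", "scripting"],
                    "host_permissions": ["<all_urls>"],
                    "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}]})

if __name__ == "__main__":
    for r in rank([SCOPED, BROAD]):
        print(r)
```

Feeding an organisation's installed-extension inventory through `rank` gives the review queue an allowlist decision needs; anything with `broad_hosts` set and a `network` or `session` flag is the combination that turns one employee's install into cross-tenant data exposure.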
An underappreciated threat surface for many organizations is the bring-your-own-device population: contractors, part-time staff, vendors, and remote employees accessing organizational systems from personal devices that the security team cannot directly govern. In the public sector and in organizations with distributed or contingent workforces, this population is often larger than the security team's visibility suggests.
Traditional endpoint management approaches (MDM, device certificates, agent-based monitoring) require the organization to control the device. That is not possible with personal hardware. An enterprise browser provides a meaningful partial solution: even on a personal device, a managed browser creates a governed zone within which organizational policies apply.
The BYOD trade-off that actually works: The employee retains full control of their personal device; the security team makes no claim on personal data, personal applications, or personal browsing. The organization retains control of the work session that runs within the managed browser. This is not a complete solution to the BYOD problem, but it substantially closes the gap at the most active attack surface without requiring the intrusive device management that employees and contractors resist.
The governance boundary here is worth making explicit in your policy documentation. Employees should understand clearly what the managed browser can and cannot see, not because they need to be managed, but because ambiguity about organizational monitoring erodes trust faster than transparency does. Clarity is a security feature.
One observation from the summit deserves broader consideration. A state technology leader made the point that their organization trusts a well-governed AI system to handle tier-one constituent inquiries more than they trust a low-wage, high-turnover external call centre agent, not because AI is infallible, but because the AI's behaviour is governed, auditable, and consistent in ways that human behaviour at scale is not.
The same logic applies directly to cybersecurity. The weakest link in most organizational security postures is not the firewall. It is the employee who clicked something they should not have, on a device and in a browser that the security team cannot see. Closing the browser gap is, in part, a talent risk mitigation strategy, reducing the blast radius of the inevitable human error, rather than trying to eliminate human error entirely.
Security training matters. Phishing simulations matter. But no training programme produces reliable behaviour under every condition at scale. The enterprise browser approach does not rely on every employee making the right decision every time; it enforces the right decision at the infrastructure level, so that a moment of inattention does not become a $10 million incident.
This is the shift in mental model that security teams are increasingly making: from training people to behave securely, to building systems where insecure behaviour is technically constrained. Not instead of training, alongside it. The two are complements, not substitutes.
Cybersecurity architecture is inseparable from AI governance architecture. As AI tools proliferate across your organization (some sanctioned, many not, most somewhere in between), the browser becomes the policy enforcement layer for what your employees do with sensitive data. Organizations that govern the browser govern the data.
Our AI governance work always includes a layer of operational security assessment: where are your employees accessing AI tools? What data are they bringing into those interactions? What visibility does your security team have into those flows? In most organizations we engage with, the honest answer to that last question is: very little. The tools are being used. The data is flowing. The oversight is not there.
The gap is not technical; the enterprise browser products that close it are mature, available, and often already within existing Microsoft 365 licensing. The gap is priority and awareness. Browser security does not have the narrative power of a ransomware incident or a supply chain breach. It does its damage quietly, in sessions that leave limited forensic traces, through employees who had no idea they were doing anything wrong.
If an employee with access to sensitive programme data is using an unsanctioned AI tool from their personal device on your network, would you know? Not hypothetically, right now, today, as a matter of operational visibility. If the answer is no, that is the gap to close first. Everything else in your security posture rests on the assumption that you know what your data is doing. The browser is where that assumption breaks.
The 20-minute strategy call is a concrete starting point. We will map one of your data flows (from a sensitive system through to the browser layer) and show you exactly where the current visibility ends. Most clients find something they did not expect before the call is over.