Skip To Content
Sponsored Content:Brought to you by Google Chrome Enterprise

Why Browsers Are the First Line of Defense for Enterprise Cybersecurity

In the hybrid work era, businesses are more exposed than ever to cyberattacks—but a secure web browser strategy can help mitigate risks.

A dramatic rise in data breaches across Europe is pressuring enterprises to tighten up their cybersecurity as they rush to defend themselves against an onslaught of criminal and state attackers.

Europe experienced a 26% rise in cyberattacks in 2022 compared to 2021, with UK enterprises suffering a massive 77% leap. Cybercrime continues to impact enterprises this year, with a 20% rise in Lockbit3 ransomware victims in the first half of 2023 compared to last year. Globally, a company falls victim to a ransomware attack every 11 seconds.

Increasingly sophisticated phishing scams and emails containing malware files are some of the main weapons used by attackers to bypass employees and mount attacks.

But while information security teams have focused primarily on defending enterprise networks and devices with a variety of cybersecurity tools, less attention has been paid to making internet browsers secure. This is partly due to concerns that tightening up browser security controls will harm the user experience.

The browser has become a central tool for enterprises as employees spend more time working on cloud platforms, videoconferencing and accessing web resources. Workers spend 71% of their day in the browser or in virtual meetings, according to The Cloud Worker Revolution Accelerates, a May 2022 commissioned study conducted by Forrester Consulting.

The huge rise in hybrid and remote working since the pandemic has heightened concerns over browser security. Gallup found that, on average, employees prefer to be in the office two to three days a week. Many staff are working remotely part of the week from home, or from a library or cafe, and are accessing work browsers outside the secure corporate network.

The growth of bring your own device (BYOD), where staff use their own smartphones, laptops and tablets for work purposes either in the office or remotely, further ratchets up security concerns.

“If you’re working within your office, IT can secure the network and lock things down. But with people working everywhere on different devices, it’s much harder to extend control on such a tight level and make sure that these sophisticated attacks can’t get through,” says Lauren Miskelly, Managing Director, Chrome Browser Enterprise at Google. “Companies need to realize that the rise of the browser means it is becoming a critical endpoint that they need to secure.”

Enterprises are gradually getting the message. Gartner® predicts that by 2025, enterprise browsers or extensions will feature in 25% of web security competitive situations, up from less than 5% today.

One reason for the browser’s vital role in cybersecurity is that up to 85% of cyberattacks are caused by human error. There has been a sharp rise in “social engineering” attacks that trick users into divulging confidential information, such as fake emails pretending to be from trusted contacts asking for private data. Browsers play a significant role in preventing these attacks.

“We need to be able to help enterprises stop employees from interacting with phishing emails and deceptive practices,” says Miskelly.

Google Chrome Enterprise mitigates the risks of cyberattacks with a variety of safeguards. The browser’s Safe Browsing feature flashes warning messages before users visit dangerous websites or download potentially compromised files. Chrome Enterprise also offers risk scores for browser extensions, so enterprises can see whether an extension threatens security before blocking or allowing the extension within the organization.

Chrome Enterprise has a strong track record of dealing with “zero-day” vulnerabilities in its software—bugs that are discovered and must be dealt with immediately before attackers find them. Miskelly also points to BeyondCorp Enterprise, Google’s zero-trust solution, that further protects browsers against malicious actors. BeyondCorp helps enterprises implement policies that require everyone who accesses a system to be continuously authenticated, rather than trusting that a computer or browser is secure.

These controls, along with the ability to control an enterprise’s browsers centrally, are becoming critical as the threat landscape continues to darken. AI is increasing the vulnerability of enterprises as criminals harness the technology to mount ever more sophisticated social engineering attacks using deepfakes to impersonate identities. With emerging threats from compromised third-party networks, and the potential dangers of superfast quantum computing, browser security is becoming indispensable to any corporate cybersecurity strategy.

“There’s been a significant evolution both in the sophistication of cyberattacks and the sophistication of defenses. And with so much of the world moving online, the stakes have never been higher,” says Miskelly.

Many IT and security teams are being overwhelmed by the complexity of the attacks, and 54% of IT managers say the attacks are too advanced for their IT teams to handle on their own. Globally, the average cost of a data breach has risen to its highest level in 18 years, increasing 15% in the last three years to $4.45 million. Data breaches can also cost companies their reputation and productivity. Implementing robust cybersecurity measures can have a clear impact on reducing these costs.

A major concern for many IT leaders is the potential for friction between security and user experience. The stronger the cybersecurity controls, the more likely they are to interfere with users’ daily online interactions.

“IT leaders at major organizations I talk to find managing the trade-off between security and end-user experience challenging,” Miskelly says. “A chief security officer at a Fortune 500 company based in France told us that it’s not feasible to ‘fully restrict the user experience when it comes to browsers for the sake of security.’”

This makes finding a browser security solution that won’t interfere with users’ daily work practices even more important.

European enterprises are looking to use security controls offered by their existing providers rather than risk the additional complexity of hiring new vendors, Miskelly adds.

Chrome Enterprise’s security tools can help businesses meet the challenges of browser security in the age of hybrid working without adding a new software layer. This keeps complexity to a minimum while securing the browser as the first line of defense.

Gartner, Emerging Tech: Security — The Future of Enterprise Browsers, 14 April 2023, Dan Ayoub, et. Al.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Google Chrome Enterprise
Learn More
Terms of ServiceTrademarksPrivacy Policy
CareersMade in NYCAdvertise
Ad Choices
Help©2025 Bloomberg L.P. All Rights Reserved.