The IT Nerd

NordLayer has released the Why Browser Security Can’t Wait: Web-based Threats Report 2026. The findings show that as work applications increasingly shift to the browser, attackers are shifting with them — 82% of surveyed IT professionals report their organization experienced a web-based security incident in the past year, with half describing the impact as moderate or severe.

Organizations that experienced significant-impact incidents follow distinct patterns: They more often allow bring-your-own-device (BYOD) policies (85% vs. 60% overall), have employees who primarily use their own devices (51% vs. 31%), rely more extensively on SaaS tools (56% vs. 31%), and have established fully or primarily remote work policies (35% vs. 17%).

Expectations vs. reality

Despite frequent incidents, 73% of IT professionals say their organization is well prepared — yet their own responses tell a different story. Coverage is modest and uneven: Data loss prevention (DLP) tools lead at just 53%, with other browser security controls trailing below that mark. Nearly all IT professionals report that their organizations are concerned about web-based threats (98%), and most expect escalation — 81% foresee greater sophistication and 73% anticipate more incidents over the next few years.

“There’s a clear gap between recognizing the threat and knowing how to address it,” says Buinovskis. “Concern is high, but awareness of which controls actually solve browser-specific risks is low. Much of the initial confidence most likely comes from having general security controls in place, yet they rarely adequately cover risks in the browser.”

NordLayer’s analysis of 504 unique, highest rated and most reviewed applications listed on  51 unique software categories on Gartner® Peer Insights™, a community-driven software review platform, found that 100% of the applications were browser accessible and 78.8% were browser only (Full methodology located here). Meanwhile, data analyzed by NordLayer and NordStellar, a threat exposure management platform, shows that infostealer malware harvested around 1.8 million credentials and nearly 68.8 billion cookies in 2025, peaking in November.

“Hackers don’t hack anymore, they just log in,” says Buinovskis. “Stolen cookies and credentials grant immediate access without raising alarm bells — a login looks legitimate. It’s low risk, high reward, and as reliance on web-based SaaS grows, so does the value of stolen data. Attackers will keep exploiting this until organizations secure the browser as a critical boundary.”

Practical steps to protect the browser

Buinovskis highlights three priorities for organizations looking to strengthen browser security.

1. Establish observability. Security administrators need visibility into what SaaS tools employees are using, what browser extensions are installed, and whether employees are visiting malicious or unauthorized websites. This minimizes shadow IT and reduces the risk of accidental malware downloads or data exposure.

2. Proactively block threats. Use domain name system (DNS) filtering to block access to malicious content or specific website categories like AI tools or gambling, and deploy data loss prevention (DLP) tools to restrict file uploads, downloads, and copy/paste functions — especially where employees handle personal or financial data.

3. Adopt a zero-trust approach. “Trust can’t be considered inherent — every user needs to be verified,” says Buinovskis. “Applying zero trust allows security administrators to implement network segmentation at the browser level, ensuring employees only access necessary resources and infiltrators are denied entry.”

To read the full Why Browser Security Can’t Wait: Web-based Threats Report 2026, please visit: https://nordlayer.com/browser-research-report/.

NordLayer has officially launched the NordLayer Browser — an enterprise-grade solution tailored to small and medium-sized businesses (SMBs). To safeguard company operations, it integrates browser-native security, enhanced observability, and access management and control into a single platform, delivering a familiar and intuitive experience for users with effortless deployment and management for businesses.

Leading research and advisory firm Gartner predicts that by 2028, 25% of organizations will deploy at least one secure enterprise browser technology to address specific gaps in their cybersecurity strategy. Gartner also predicts that by 2030, enterprise browsers will be the core platform for workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience. These predictions are a direct response to cybercriminals frequently targeting employees via web-based and SaaS-use related attacks, like phishing, malicious browser extension campaigns, and account takeovers, that call for an additional layer of control and visibility within the browser.

The lack of dedicated IT staff, coupled with limited cybersecurity budgets, makes SMBs an attractive target for cybercriminals. A report from NordStellar, a threat exposure management platform, revealed that SMBs — companies with up to 200 employees and revenues up to $25 million — bore the brunt of all ransomware attacks last year.

Key solutions of the NordLayer business browser include:

• Shadow IT management. The browser provides visibility into SaaS usage and helps mitigate shadow IT activity through web activity monitoring, browser extension tracking, domain blocking, and a comprehensive activity log.
• Browser data loss prevention (DLP) elements. DLP elements restrict camera, microphone, file downloads, and clipboard access to prevent data capture and exfiltration on untrusted websites. This helps organizations limit uncontrolled data movement and reduce the risk of data leaks.
• Secure browsing capabilities. The browser enhances security through IP anonymization to hide the user’s address as well as web threat protection that blocks malicious or deceptive websites before they load. Category-based DNS filtering further restricts access to websites based on predefined categories for safer browsing.
• SaaS access control. The NordLayer Browser secures access through single sign-on (SSO) and multi-factor authentication (MFA) to prevent unauthorized access and maintain compliance. A dedicated IP feature enables IP-based control for internal and SaaS applications, while administrators can configure access to internal websites via a private gateway with a fixed, allowlisted IP address for secure connectivity.
• Zero-trust browsing. The browser securely manages how the browser traffic flows and what users can access. It routes traffic through approved gateways, provides secure tunnels to private resources, and enables security administrators to allow or block connections to internal and cloud services.

The NordLayer Browser is now available to all organizations. For more information, visit https://nordlayer.com/browser/.

In 2025, the corporate world witnessed a significant rise in artificial intelligence adoption, leading to a boom in AI-powered browsers, co-pilots, and personal assistants. However, Andrius Buinovskis, cybersecurity expert at NordLayer, a toggle-ready network security platform for business, emphasizes that cybercriminals were quick to adopt AI as well, automating and scaling their attacks, and this trend is projected to continue into the next year.

Buinovskis explains that in 2026, businesses can expect to see even more AI-powered cyber threats, alongside other risks that have persisted and will continue to challenge business cybersecurity in the new year. He outlines four main cybersecurity threats businesses should be on the lookout for in 2026.

1.     AI-powered social engineering and AI-enabled malware

According to a report by the World Economic Forum, phishing and social engineering attacks increased by 42% in 2024. According to Buinovskis, the uptick that AI might have caused is likely to worsen.

“Social engineering is the basis for many attacks, and with AI, it’s bound to get more advanced,” Buinovskis says. “It will  become increasingly more difficult to understand if an attack is being carried out using a sophisticated method or a simple approach. Essentially, the line between basic and advanced social engineering is blurring, making both its detection and resistance significantly more difficult.”

He outlines automated deepfake social engineering as a primary growing concern. Utilizing it, cybercriminals will be able to carry out even more believable attacks, tricking even the most well-prepared employees.

“The use of deepfakes is becoming increasingly more common and diverse, with some instances of students even using deepfakes for exams,” says Buinovskis. “Bad actors could definitely utilize highly believable videos and voice calls to impersonate CEOs, third-party contractors, or other employees to trick staff members into divulging sensitive information, accepting fake invoices, or handing over credentials to infiltrate the network and deploy a larger-scale attack.”

Buinovskis highlights AI-enabled malware as another rising threat to cybersecurity. Recently, Google identified the first instance of Just-in-Time (JIT) AI malware, a new type of malware that utilizes artificial intelligence to dynamically generate malicious code at runtime, making it highly adaptable and challenging to detect.

“JIT can generate malicious code dynamically, flying under the radar of traditional antivirus software that relies on static analysis,” says Buinovskis. “Its ability to analyze the target’s system in real time and dynamically generate malicious code tailored to specific vulnerabilities, configurations, or data enables it to deploy highly targeted attacks.”

2.     An increase in ransomware

According to research by NordStellar, a threat exposure management platform, as of September 2025, the number of ransomware incidents has increased by 47% compared to the same period last year. Buinovskis says that the trend will most likely continue into the following year, especially with the introduction of AI-powered ransomware.

“Like other cybercriminals, ransomware groups are adopting AI and using it to scale their operations by automating the attacks,” Buinovskis says. “We’ve already seen how the rise of the ransomware-as-a-service model lowered the entry barrier for these attacks, allowing even hackers without the proper technical skillset to participate. With AI, ransomware groups will be able to cut down on the required human resources needed to carry out their operations, enabling them to execute attacks more quickly and efficiently.”

He emphasizes that if ransomware groups successfully implement AI and increase their efficiency, they will be able to reap the same profits with fewer human resources, resulting in a greater financial gain. This, Buinovskis notes, could be the catalyst for an even greater ransomware surge in the longer run.

3.     Web-based attacks

Malicious browser extensions were a prominent cybersecurity topic in 2025, raising concerns over browser protection. However, they’re not the only browser-related threat to look out for — according to Buinovskis, the browser has become a substantial attack surface and the primary target for many dangerous attacks.

“As companies continue to adopt web-based software as a service and abandon the desktop for the web, the cyber risks that are waiting for employees in the browser are becoming increasingly more prominent and common,” says Buinovskis. “Malicious extensions, various phishing pages, and infostealer malware are some of the main threats lurking in the browser, which is becoming the default channel for work-related tasks in many organizations.”

Buinovskis emphasizes that despite many organizations shifting to a browser-based working environment, it’s still often left unprotected. As a result, more employees and organizations will be exposed to malware, browser-based exploits, and data loss caused by employees unintentionally leaking information from web-based software-as-a-service platforms.

4.     Insider threats

A study found that 83% of organizations reported having experienced at least one insider attack in 2024. Moreover, they were identified as the cause for the costliest data breaches in 2024 in an annual report by IBM, with an average cost of $4.99 million per incident.

Buinovskis explains that insider threats are complex, and as companies’ attack surfaces constantly expand due to remote or hybrid work models and the introduction of shadow IT and shadow AI, the threat will continue to escalate.

“With so many factors contributing to the complexity of the current cyber environment, it’s becoming increasingly more difficult to ensure high observability into what users are doing and prevent them from bypassing security policies,” says Buinovskis. “As a result, insider activity can go undetected for a significant amount of time, allowing for more devastating cyber incidents. The current cybersecurity landscape, as well as the constant evolution and sophistication of threats, will ultimately lead to more cybersecurity incidents caused by user error, turning more employees into unintentional insiders.”

Buinovskis emphasizes that to safeguard against the cyber threats looming in 2026, businesses should prioritize building a comprehensive cybersecurity strategy and raising employees’ cybersecurity awareness. He highlights that small businesses — often operating with limited IT budgets and facing more security vulnerabilities — should reassess their cybersecurity policies because they are frequently the primary targets of cybercriminal activity.   

Is the biggest business enemy actually on the inside? Cybersecurity expert explains why insider threats are getting harder to control in browser-first working environments

As trusted members of an organization, employees can inadvertently or maliciously engage in risky cybersecurity behavior that is harder to detect and lead to data breaches that can cost millions of dollars to remediate. Andrius Buinovskis, a cybersecurity expert at NordLayer, says that as more companies adopt a browser-first approach, mitigating insider threats will become even more challenging due to the limited visibility security administrators have into employee activity within the browser.

Cybersecurity risks that originate from within a company are referred to as insider threats. The term encompasses all threats emerging from dangerous employee activity, whether intentional or not. Deliberate employee actions — such as selling confidential data to competitors or leaking private information out of spite — are also called malicious insider threats.

In their most recent annual report, IBM found that malicious insider threats were the cause of the most financially devastating data breaches in 2024, with an average cost of $4.99 million per incident. Buinovskis explains several reasons why these cybersecurity incidents can pack a hefty punch.

“Employees have access to incredibly sensitive data and resources which, when leaked, can have devastating consequences to a company’s reputation, result in GDPR fines, or be used for ransomware demands,” says Buinovskis. “Insider threats pose a significant danger due to their high impact, but they’re also harder to detect. Employees are trusted members of the organization, and their malicious actions can blend in with usual activity, potentially going unnoticed for months.”

Insider threats lurking in the browser

Buinovskis highlights that spotting malicious activity inside the organization has become even more challenging due to the rise of web-based software as a service (SaaS) applications.

“Consumer-grade browsers do not offer security admins a comprehensive view into employee activity, creating the perfect environment to carry out malicious activities without getting caught,” says Buinovskis. “As a result, the risk of data exfiltration, sharing credentials and confidential information, data theft, unauthorized web application use, and even sabotage by deleting or modifying critical information are all amplified in cloud-first, browser-heavy working environments.”

He explains that in traditional IT environments, these threats can be mitigated by ADR (automated detection and response) and XDR (extended detection and response), which observe network connections, file-based systems, and desktop applications. However, their observability of browser activity is very limited — for example, they cannot distinguish between normal work tasks and data exfiltration or which records were accessed or downloaded.

Additionally, consumer-grade browsers do not offer the possibility of enforcing centralized security controls. Consequently, employees can act as they please: download malicious browser extensions, screenshot or copy sensitive data, and share it with outside parties — all of which can lead to devastating data breaches.

“Companies are shifting to a browser-based working environment for greater efficiency and collaboration; however, as the reliance on the browser continues to grow, so will the cyber risks,” says Buinovskis. “This is especially true for small to medium businesses that might not even have had robust ADR and XDR solutions in the first place and now, consequently, have even less observability into their employee activity.”

Buinovskis explains that investing in cybersecurity awareness training for employees is the first step in mitigating unintentional insider threats. However, he emphasizes that businesses need to have comprehensive defenses in place to safeguard against employee error and malicious insiders.

“The longer malicious employee activity remains undetected, the greater its impact and the more extensive the resulting damage. This underscores the importance of robust observability and rapid incident response,” says Buinovskis. “Companies must prioritize strict access controls, strong user authentication, and continuous employee activity monitoring to mitigate insider threats effectively. For organizations operating in a web-based SaaS environment, leveraging the built-in security tools and enhanced observability of an enterprise browser is essential for comprehensive protection.”

ABOUT NORDLAYER

NordLayer offers reliable connection, protection, threat detection, and response for businesses needing strong network security. Built on NordVPN standards, NordLayer is a trusted cybersecurity platform that integrates easily with any network and technology stack, all with unmatched support. NordLayer is part of the cybersecurity powerhouse Nord Security. For more information: https://nordlayer.com/

As more companies embrace remote work and “workations” during the summer,  a cybersecurity expert warns that swapping the office for scenic views could put corporate data at serious risk

Businesses are adopting mixed work models, and summer is the perfect time to embrace greater workplace flexibility. However, when employees swap the office for a more relaxing setting, it can expose enterprises to additional cybersecurity risks — and, without proper measures, increase the likelihood of a data breach.

A survey by DayForce has found that 41% of employees feel they’re less productive in the summer, and 58% stated that their employer offers some type of flexibility during this time, including increased work-from-home or work-from-anywhere options. According to Andrius Buinovskis, a cybersecurity expert at NordLayer, a toggle-ready cybersecurity platform for business, while employees might appreciate the added benefits, enterprises mustn’t underestimate the risks behind such perks.

“Many companies offer mixed working models, such as remote or hybrid working. Work from anywhere or ‘workations’ allowing employees to work from abroad have also gained popularity,” says Buinovskis. “This additional flexibility is a great bonus for employees. However, businesses mustn’t offer it to employees without knowing the risks. Remote work opens the door for an array of security vulnerabilities, which, if exploited, can lead to devastating data breaches, resulting in reputational and financial loss.”

The main cybersecurity risks

Buinovskis explains that the most common threat from remote work comes from using unsecured public networks. Cybercriminals can intercept Wi-Fi to steal employee credentials, install malware, or hijack accounts.

“Employees that change their routines are more likely to reduce VPN usage due to distractions. Due to their unfamiliarity with the environment, they’re also an attractive target for scammers, and their lack of vigilance can make them more likely to fall for phishing scams in general,” says Buinovskis. “Additionally, employees may be asked to share more personal data in countries with fewer GDPR restrictions, increasing the risk of misuse. Another major concern is that if they use  personal devices, those devices lack centralized security, may run outdated software, and are more vulnerable to attacks.”

He emphasizes that personal devices offer less physical security than company-issued hardware since friends and family members can access them. While travelling, work devices are also at a greater risk, as they may be lost or stolen. If that happens, the information stored on these devices could be misused, and according to Buinovskis, just one compromised device or account is enough to trigger a significant data breach.

How to ensure cybersecurity while maintaining flexibility

Even though remote work models come with cybersecurity challenges, it doesn’t mean that businesses should abandon these perks altogether. According to Buinovskis, the main cybersecurity measures companies should implement to ensure that their data is protected include:

●       Strong network encryption. It secures data in transit, transforming it into an unreadable format and safeguarding it from potential attackers.

●       Password management policies. Hackers can easily target and compromise accounts protected by weak, reused, or easy-to-access passwords. Enforcing strict password management policies requiring unique, long, and complex passwords, and educating employees on how to store them securely minimizes the possibility of falling victim to cybercriminals.

●       Multi-factor authentication. Access controls, like multi-factor authentication, make it more difficult for cybercriminals to access accounts with stolen credentials, adding a layer of protection.

●       Zero trust architecture. The constant verification process of all devices and users trying to access the network significantly reduces the possibility of a hacker successfully infiltrating the business.

●       Network segmentation. If a bad actor does manage to infiltrate the network, ensuring it’s segmented helps to minimize the potential damage. Not granting all employees access to the whole network and limiting it to the parts essential for their work helps reduce the scope of the data an infiltrator can access.

“High observability into employee activity and centralized security are crucial for defending against remote work-related cyber threats, especially because personal devices and unauthorized applications greatly expand a company’s attack surface,” Buinovskis says. “Given the real risk of data breaches and the financial and reputational damage they could potentially cause, overlooking security gaps is a serious gamble that isn’t worth taking.”

Buinovskis also emphasizes that employees are often the weakest link in a company’s cybersecurity. Cybersecurity awareness training is essential to minimize the risk of data breaches — regardless of the work model. This training should cover how to recognize phishing scams, the risks of using public Wi-Fi, and effective password management practices.

ABOUT NORDLAYER

NordLayer offers reliable connection, protection, threat detection, and response for businesses needing strong network security. Built on NordVPN standards, NordLayer is a trusted cybersecurity platform that integrates easily with any network and technology stack, all with unmatched support. NordLayer is part of the cybersecurity powerhouse Nord Security. For more information: https://nordlayer.com/

As more companies embrace remote work and “workations” during the summer,  a cybersecurity expert warns that swapping the office for scenic views could put corporate data at serious risk

Businesses are adopting mixed work models, and summer is the perfect time to embrace greater workplace flexibility. However, when employees swap the office for a more relaxing setting, it can expose enterprises to additional cybersecurity risks — and, without proper measures, increase the likelihood of a data breach.

A survey by DayForce has found that 41% of employees feel they’re less productive in the summer, and 58% stated that their employer offers some type of flexibility during this time, including increased work-from-home or work-from-anywhere options. According to Andrius Buinovskis, a cybersecurity expert at NordLayer, a toggle-ready cybersecurity platform for business, while employees might appreciate the added benefits, enterprises mustn’t underestimate the risks behind such perks.

“Many companies offer mixed working models, such as remote or hybrid working. Work from anywhere or ‘workations’ allowing employees to work from abroad have also gained popularity,” says Buinovskis. “This additional flexibility is a great bonus for employees. However, businesses mustn’t offer it to employees without knowing the risks. Remote work opens the door for an array of security vulnerabilities, which, if exploited, can lead to devastating data breaches, resulting in reputational and financial loss.”

The main cybersecurity risks

Buinovskis explains that the most common threat from remote work comes from using unsecured public networks. Cybercriminals can intercept Wi-Fi to steal employee credentials, install malware, or hijack accounts.

“Employees that change their routines are more likely to reduce VPN usage due to distractions. Due to their unfamiliarity with the environment, they’re also an attractive target for scammers, and their lack of vigilance can make them more likely to fall for phishing scams in general,” says Buinovskis. “Additionally, employees may be asked to share more personal data in countries with fewer GDPR restrictions, increasing the risk of misuse. Another major concern is that if they use  personal devices, those devices lack centralized security, may run outdated software, and are more vulnerable to attacks.”

He emphasizes that personal devices offer less physical security than company-issued hardware since friends and family members can access them. While travelling, work devices are also at a greater risk, as they may be lost or stolen. If that happens, the information stored on these devices could be misused, and according to Buinovskis, just one compromised device or account is enough to trigger a significant data breach.

How to ensure cybersecurity while maintaining flexibility

Even though remote work models come with cybersecurity challenges, it doesn’t mean that businesses should abandon these perks altogether. According to Buinovskis, the main cybersecurity measures companies should implement to ensure that their data is protected include:

●       Strong network encryption. It secures data in transit, transforming it into an unreadable format and safeguarding it from potential attackers.

●       Password management policies. Hackers can easily target and compromise accounts protected by weak, reused, or easy-to-access passwords. Enforcing strict password management policies requiring unique, long, and complex passwords, and educating employees on how to store them securely minimizes the possibility of falling victim to cybercriminals.

●       Multi-factor authentication. Access controls, like multi-factor authentication, make it more difficult for cybercriminals to access accounts with stolen credentials, adding a layer of protection.

●       Zero trust architecture. The constant verification process of all devices and users trying to access the network significantly reduces the possibility of a hacker successfully infiltrating the business.

●       Network segmentation. If a bad actor does manage to infiltrate the network, ensuring it’s segmented helps to minimize the potential damage. Not granting all employees access to the whole network and limiting it to the parts essential for their work helps reduce the scope of the data an infiltrator can access.

“High observability into employee activity and centralized security are crucial for defending against remote work-related cyber threats, especially because personal devices and unauthorized applications greatly expand a company’s attack surface,” Buinovskis says. “Given the real risk of data breaches and the financial and reputational damage they could potentially cause, overlooking security gaps is a serious gamble that isn’t worth taking.”

Buinovskis also emphasizes that employees are often the weakest link in a company’s cybersecurity. Cybersecurity awareness training is essential to minimize the risk of data breaches — regardless of the work model. This training should cover how to recognize phishing scams, the risks of using public Wi-Fi, and effective password management practices.

ABOUT NORDLAYER

NordLayer offers reliable connection, protection, threat detection, and response for businesses needing strong network security. Built on NordVPN standards, NordLayer is a trusted cybersecurity platform that integrates easily with any network and technology stack, all with unmatched support. NordLayer is part of the cybersecurity powerhouse Nord Security. For more information: https://nordlayer.com/

From leaking sensitive corporate data to selling industry secrets — a cybersecurity expert outlines dangerous employee browser activity that can go undetected.

Enterprise reliance on browsers is growing, and so are the associated risks stemming from dangerous employee web behavior. According to a cybersecurity expert at NordLayer, a toggle-ready network security platform for business, some employee activity that may go undetected by security teams can result in confidential data and industry secrets leaks or violations of GDPR. 

Research has found that 80% of employees can complete 80% of their work tasks using the browser. While the shift to the browser can increase productivity and collaboration by speeding up processes, it’s also accompanied by risks.

“Companies are embracing web-based software as a service (SaaS) applications for various benefits, such as cost reduction and increased efficiency. However, due to increasing dependency, the browser is becoming a significant cybersecurity concern,” says Buinovskis. “Aside from attracting the attention of cybercriminals, it’s also become a hub for insider threats or employee error, which can result in devastating security breaches. The most concerning element is the lack of observability security teams might have into employee activity in the browser, creating an alarming blind spot.”

Can security teams see what employees are doing in the browser? 

According to Buinovskis, if employees use a traditional browser, security teams’ observability of what people do in the browser is existent yet limited. Solutions like ADR (automated detection and response) and XDR (extended detection and response) can incorporate TLS (transport layer security) inspection and provide extensive activity monitoring and securing capabilities. However, they require significant financial and human resources to implement and maintain. The hefty price tag might ward off small to medium-sized businesses from the investment, exposing them to browser-based threats. 

“Traditional browsers are not built with security and observability in mind — their primary target is to provide a user-friendly interface. These capabilities are more or less sufficient for personal use but are inadequate to safeguard a business,” says Buinovskis. “Even if a company has an extensive cybersecurity strategy and a large team of security experts at their disposal, the lack of built-in security and monitoring features in a traditional browser still leaves them vulnerable and more likely to experience a safety incident.” 

The most dangerous threats to look out for

According to Buinovskis, the most dangerous threats that can result from employee activity in the browser include:

• Data exfiltration. Ill-intended employees can use the browser’s limited observability to steal confidential company information, such as industry secrets or client data stored on web-based apps, and share it through email or social media without being detected.
• Install unauthorized browser extensions. Some of these extensions are malicious and prey on unsuspecting users to collect sensitive data, modify browser behavior, and create security vulnerabilities. If a company uses a traditional browser, it’s challenging to monitor and control which extensions employees can download and minimize the risk of them installing malicious add-ons. 
• Engage with unauthorized browser-based applications (shadow IT). Not all web-based SaaS applications are safe to use — some might have significant security vulnerabilities, resulting in data leaks or compliance violations. Without proper monitoring, these applications can go undetected, expanding the scope of unmanaged apps (shadow IT).
• Other insider threats. The traditional browser’s lack of observability and behavioral analytics makes it easier for malicious employees to fly under the radar and access sensitive data or converse with third parties. Depending on the scope, these actions can have dire consequences, such as industry secrets ending up in the hands of the competition. 

“To safeguard against browser-based threats, companies need to invest in building and maintaining a comprehensive cybersecurity strategy that would provide a higher level of observability into employees’ activity on the browser or opt for browsers with built-in monitoring and security features,” says Buinovskis. “However, it’s worth noting that even with comprehensive cybersecurity measures, monitoring browser usage across an organization remains challenging if it lacks built-in security features. This gap allows certain user activity to go undetected.”

Buinovskis highlights that cybersecurity awareness training for employees is also a worthwhile investment. It helps to minimize the possibility of user error, such as interacting with unauthorized apps or downloading malicious browser extensions.

ABOUT NORDLAYER

NordLayer provides toggle-ready, scalable, and seamless network security for businesses of all sizes. Built on the standard of NordVPN, the platform empowers distributed teams with secure connections that align with today’s compliance needs. As cyber threats become more sophisticated, NordLayer utilizes the ZTNA, SWG, and FWaaS frameworks, offering tailored security plans and layered solutions that simplify network protection and scale with a business. NordLayer is part of the cybersecurity powerhouse Nord Security. For more information: https://nordlayer.com/