- Gartner has warned organizations to block AI browsers
- AI browsers can threaten data, leak financial info, and pass on credentials
- Employees could use AI browsers to complete cybersecurity training
Analyst firm Gartner has advised organizations to block AI browsers from use, warning of the potential for data-exposure or autonomous actions performed by agentic browsers on malicious websites.
The main observation given by researcher VP Dennis Xu, senior director analyst Evgeny Mirolyubov, and VP analyst John Watts was that, “Default AI browser settings prioritize user experience over security.”
AI browsers, such as OpenAI’s ChatGPT Atlas, are often employed to boost efficiency by using autonomous navigation, workflows, and data collection - but they can be tricked by malicious webpages into collecting and transferring sensitive information such as bank account details, credentials, and emails.
"Happy to hack you 🙂"
The Gartner analysts summarized an agentic browser to include two key features:
- The ability to interact with web content using the developer’s AI model, offering functions such as content summarization, data gathering, translation, and search capabilities.
- The ability to complete tasks autonomously on websites, especially within authenticated sessions.
Many agentic browsers do not allow for the use of AI functions within a local LLM, which means that user data, ranging from web content to browsing history and open tabs, “is often sent to the cloud-based AI back end, increasing the risk of data exposure unless security and privacy settings are deliberately hardened and centrally managed.”
Ultimately, it is down to each individual organization to perform an assessment of the AI browser's back end services to see if they are compliant with an organization’s cybersecurity and data protection policies. But even if they pass, they can still be used in a way that presents further risks to the organization.
In this case, the user themselves may provide the browser with an unnecessary amount of sensitive information just by having sensitive data open in the same web browser window while using the browser’s AI assistant.
Furthermore, as agentic browsers can complete actions autonomously, Gartner warns that employees could be “tempted to use AI browsers and automate certain tasks that are mandatory, repetitive, and less interesting,” such as cybersecurity training.
Gartner suggests that organizations who continue to use agentic browsers should “Educate users that anything they are viewing could potentially be sent to the AI service back-end to ensure they do not have highly sensitive data active on the browser tab while using the AI browser’s sidebar to summarize or perform other autonomous actions.”
Commenting on the Gartner advisory, Javvad Malik, Lead Security Awareness Advocate at KnowBe4 said:
"AI features have introduced tension in cybersecurity, requiring people to assess the trade-off between productivity and security risks. While agentic browsers promise many features to enhance user experience, we are still in early stages where the risks are not well understood and default configurations prioritize convenience over security, something we see in many technologies."
"However, blanket bans are rarely sustainable long-term strategies. Instead, the focus should be on risk assessments that evaluate the specific AI services powering these browsers. This can allow for measured adoption while maintaining necessary oversight. As we find more and more AI agents making their way into every aspect of technology, organizations need to have playbooks in place to assess, and protect AI agents, and enable them to work within the organization according to their own needs and risk appetite".
Via The Register
➡️ Read our full guide to the best business laptops
1. Best overall:
Dell Precision 5690
2. Best on a budget:
Acer Aspire 5
3. Best MacBook:
Apple MacBook Pro 14-inch (M4)
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.