SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Editorial corporate office cyber threat surface browser phishing malwa
#
Malware
#
Endpoint Protection
#
Hyperscale

Organisations boost browser security spend as attacks rise

Wed, 25th Mar 2026
Author image
By Shannon Williams, News Editor

Parallels has released Omdia research showing that 85% of organisations are increasing spending on browser security, amid a rise in browser-based attacks across North American businesses.

The survey of 400 IT and cybersecurity professionals at organisations with at least 100 employees found that 68% had seen browser-based attacks increase over the past two years. It also found that 55% had experienced a browser-related attack or security incident in the past 12 months.

The findings suggest the browser is moving closer to the centre of corporate security planning as companies rely more heavily on web-based applications. Omdia found that 62% of respondents rank browser security among their top five security priorities.

Budgets appear to reflect that shift. Most respondents said browser security now has dedicated funding or a distinct line item within broader security programmes, while 36% reported significant increases in investment.

Use of secure browsing tools is also growing. The research found that 44% of organisations already deploy secure browsing technologies, including remote browser isolation, secure extensions and enterprise browsers.

The report also points to broader exposure as employees use more web applications across different environments. According to the survey, 32% of users access corporate applications from unmanaged devices, widening the range of endpoints security teams must monitor.

Attack surface

This change in user behaviour has made the browser a more attractive route for attackers using phishing, malware and other web-based threats. Security teams are also contending with competing pressures from AI adoption, cloud expansion, supply chain risk and insider threats, yet browser security continues to climb the spending agenda.

Gabe Knuth, principal analyst at Omdia, said the browser has quietly become one of the biggest attack surfaces in the enterprise, and organizations are starting to treat it that way.

He said browser-based threats now account for a real share of security incidents, and companies are responding accordingly by elevating the importance of browser security, building it into their architecture, and putting dedicated budget behind it.

Parallels used the research announcement to highlight a recent expansion of its secure browsing products, adding Parallels Browser Isolation Private Access to its workspace portfolio.

It introduced its browser isolation product two years ago to secure access to software-as-a-service applications by running browsing sessions in isolated environments. The newer Private Access product is aimed at organisations that want to run sandboxed browser containers within their own security architecture to protect internal web applications, privately hosted applications, data centres and SaaS environments.

Product focus

The approach is designed to isolate web sessions and apply central policy controls. Parallels says this can reduce exposure to phishing, malware and related threats while allowing users to continue accessing applications through a browser.

These product details sit within a broader market shift in which the browser is becoming the main interface for work. As more applications and data are accessed through web sessions rather than locally installed software, the browser is taking on a role once more closely associated with network gateways and endpoint security tools.

That shift is likely to sustain demand for products that monitor, isolate or restrict browser activity, particularly in hybrid working environments where personal and unmanaged devices remain in use. The Omdia findings suggest many organisations no longer see browser protection as a niche control, but as part of mainstream security spending.

Elena Koryakina, Chief Product and Technology Officer at Parallels, said the browser has effectively become the front door to enterprise applications and data.

She said organisations are recognising that traditional security controls alone are no longer enough, and they are now investing in solutions that can secure web activity, protect sensitive information, and integrate seamlessly with their existing security architecture.

Related stories
Black Box Automation vs. Engineer Control: The partnership redefining Kubernetes FinOps
Automotive microcontroller market set to hit USD $15.1bn
Locai Labs deploys AI coding assistant at First Light Fusion
BlackBox Hosting partners Everpure for sovereign cloud
Vodafone & Google Cloud launch AI & security tools

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack