TZUTC: -0500   
   MSGID: 1810.consprcy@1:2320/105 2d9d69d6   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   Gartner advisory states AI browsers are NOT your friend  and they are putting   
   your business at risk   
      
   Date:   
   Mon, 08 Dec 2025 15:14:04 +0000   
      
   Description:   
   AI browsers pose a threat to data protection, financial information, and   
   security postures.   
      
   FULL STORY   
      
   Analyst firm Gartner has advised organizations to block AI browsers from use,   
   warning of the potential for data-exposure or autonomous actions performed by   
   agentic browsers on malicious websites.    
      
   The main observation given by researcher VP Dennis Xu, senior director    
   analyst Evgeny Mirolyubov, and VP analyst John Watts was that, Default AI   
   browser settings prioritize user experience over security.    
      
   AI browsers, such as OpenAIs ChatGPT Atlas, are often employed to boost   
   efficiency by using autonomous navigation, workflows, and data collection -   
   but they can be tricked by malicious webpages into collecting and    
   transferring sensitive information such as bank account details, credentials,   
   and emails.   
      
   "Happy to hack you "    
      
   The Gartner analysts summarized an agentic browser to include two key   
   features: The ability to interact with web content using the developers AI   
   model, offering functions such as content summarization, data gathering,   
   translation, and search capabilities. The ability to complete tasks   
   autonomously on websites, especially within authenticated sessions.    
      
   Many agentic browsers do not allow for the use of AI functions within a local   
   LLM, which means that user data, ranging from web content to browsing history   
   and open tabs, is often sent to the cloud-based AI back end, increasing the   
   risk of data exposure unless security and privacy settings are deliberately   
   hardened and centrally managed.    
      
   Ultimately, it is down to each individual organization to perform an   
   assessment of the AI browser's back end services to see if they are compliant   
   with an organizations cybersecurity and data protection policies. But even if   
   they pass, they can still be used in a way that presents further risks to the   
   organization.    
      
   In this case, the user themselves may provide the browser with an unnecessary   
   amount of sensitive information just by having sensitive data open in the    
   same web browser window while using the browsers AI assistant.    
      
   Furthermore, as agentic browsers can complete actions autonomously, Gartner   
   warns that employees could be tempted to use AI browsers and automate certain   
   tasks that are mandatory, repetitive, and less interesting, such as   
   cybersecurity training.    
      
   Gartner suggests that organizations who continue to use agentic browsers   
   should Educate users that anything they are viewing could potentially be sent   
   to the AI service back-end to ensure they do not have highly sensitive data   
   active on the browser tab while using the AI browsers sidebar to summarize or   
   perform other autonomous actions.    
      
   Commenting on the Gartner advisory, Javvad Malik, Lead Security Awareness   
   Advocate at KnowBe4 said:    
      
   "AI features have introduced tension in cybersecurity, requiring people to   
   assess the trade-off between productivity and security risks. While agentic   
   browsers promise many features to enhance user experience, we are still in   
   early stages where the risks are not well understood and default   
   configurations prioritize convenience over security, something we see in many   
   technologies."    
      
   "However, blanket bans are rarely sustainable long-term strategies. Instead,   
   the focus should be on risk assessments that evaluate the specific AI    
   services powering these browsers. This can allow for measured adoption while   
   maintaining necessary oversight. As we find more and more AI agents making   
   their way into every aspect of technology, organizations need to have   
   playbooks in place to assess, and protect AI agents, and enable them to work   
   within the organization according to their own needs and risk appetite".    
      
   Via The Register   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/gartner-advisory-states-ai-browsers-are   
   -not-your-friend-and-are-putting-your-business-at-risk   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426