Gartner Warns Enterprises to Block AI Browsers Amid Significant Cybersecurity Risks

Brickinfo News Agency – Research and advisory firm Gartner has issued a recommendation for organizations to temporarily block the use of AI browsers, citing critical cybersecurity risks that outweigh current productivity benefits. While tools like Perplexity Comet and OpenAI’s ChatGPT Atlas offer advanced features such as content summarization and autonomous web research, their “agentic” capabilities—which allow them to perform transactions and navigate the web independently—currently lack the robust safeguards required for enterprise security.

According to Dennis Xu, VP Analyst at Gartner, the shift from manual navigation to autonomous transactions redefines how employees interact with digital touchpoints but introduces dangerous vulnerabilities. These browsers often rely on cloud-based back-ends to process data, creating a high probability of sensitive data leakage to third-party services, often occurring without explicit user consent or awareness.

The risks extend beyond data privacy to the execution of erroneous agentic transactions. Gartner notes that AI browsers may incorrectly fill out forms, bypass mandatory corporate training without engagement, or even be deceived into navigating phishing websites. These inaccuracies stem from the current reasoning limitations of large language models (LLMs), which can lead to the loss of corporate credentials if an agent is manipulated by a malicious site.

“AI browsers promise to reshape web browsing experiences… yet, their current fit for enterprise use remains too risky for general adoption by most organisations,” Xu stated. He characterized the technology as a high-risk emerging technology that is still “functionally flawed,” advising firms to wait until the tech becomes more secure and reliable before moving beyond restricted pilot programs.

Furthermore, default settings in these browsers typically prioritize user experience over security. Many AI browsers are configured to retain usage data by default to improve their models, which conflicts with standard enterprise data retention policies. Organizations currently experimenting with these tools are advised to manually disable data retention features and instruct users to regularly delete stored histories to minimize exposure.

Design flaws remain a persistent threat during this nascent stage. Shortly after its launch, a critical vulnerability was discovered in OpenAI’s ChatGPT Atlas, which could have allowed unauthorized access to user accounts. Consequently, Gartner suggests that if an organization must use these tools, they should limit experimentation to trusted providers—such as Microsoft Edge for existing Microsoft 365 users—and only deploy them for low-risk tasks handled by employees with high AI literacy.