Omdia Report Reinforces Need to Browse Bravely

By 
Feb 14, 2025
8 minutes
... views
Announcement
News & Events
Browse Bravely
Prisma Access Browser
Secure Browser

The workplace has undergone seismic shifts in recent years. With the rise of work-from-anywhere freedom and the surge in unmanaged devices and SaaS applications, businesses are embracing new, flexible ways of operating. However, in the world of AI and the cloud, people spend more time in the browser, expanding the attack surface and increasing exposure to threats like phishing, ransomware and browser-based attacks.

To help navigate these complexities, Palo Alto Networks has partnered with Omdia to deliver an insightful new report, "The State of Workforce Security: Key Insights for IT and Security Leaders.” This comprehensive study sheds light on the shifting dynamics of workforce security, explores persistent challenges, and presents actionable strategies to fortify your organization against modern threats.

Key findings from the report include:

  • The rise of the SaaS-powered workplace: SaaS applications have become ubiquitous, with large organizations reporting significant growth in their adoption across various functions.
  • Virtually all work takes place in the browser: Over 85% of daily work is conducted through the browser, highlighting the critical need for robust data leakage protection and security in the browser.
  • People are free to work from anywhere: 42% of employees are expected to work outside of the office in some capacity, necessitating robust security measures for diverse and dynamic workforces.
  • The proliferation of BYOD and unmanaged devices poses risks: 98% of organizations report policy violations involving BYOD devices, and 53% feel unprepared to address security issues stemming from unmanaged devices. Together, these trends underscore the pressing need for robust controls that secure personal devices without hindering usability.

Persistent Security Challenges

Hybrid workforces, while enabling flexibility and productivity, also bring unique challenges. Unmanaged devices, often used by independent workers or employees working from anywhere, can introduce vulnerabilities that traditional security measures struggle to address. Moreover, the rapid adoption of SaaS applications has transformed the browser into a critical component of the modern work environment.

An analysis by Palo Alto Networks reveals that large organizations are using up to 10,000 SaaS applications, many of which are unsanctioned. This further emphasizes the need for robust browser security.

Despite significant investments in cybersecurity, gaps remain. The report highlights:

  • Unsecured personal devices are a gaping hole in most enterprise security strategies: 90% of organizations surveyed enable some access to corporate data from personal devices, but 72% agree that unsecure devices accessing this data expose their organization to significant risk.
  • Almost every organization is exposed to browser-based attacks: 95% of organizations experienced browser-based attacks, and 94% faced phishing incidents in the past year.
  • Threats hide in encrypted traffic: 64% of encrypted traffic goes uninspected, leaving organizations vulnerable to hidden threats such as malware and data exfiltration.
  • Generative AI is transformative but also very risky: 65% of organizations reported limited control over data shared in GenAI tools, creating potential vulnerabilities for data exfiltration and compliance violations.
  • Security often hampers productivity: Organizations block corporate resource access on BYOD mobile devices with 97% reporting restrictions. This approach addresses security risks but severely hampers productivity, as employees and contractors increasingly depend on mobile devices to communicate and collaborate.

These findings underscore a critical issue: organizations remain vulnerable to cyberthreats despite significant investments in advanced security technologies like endpoint protection, secure web gateways and mobile device management (MDM). This reveals the need for a more integrated approach to security.

A major concern is the visibility gap. Organizations struggle to track user activity across SaaS applications, BYOD devices and encrypted traffic, hindering Threat Detection and response. Additionally, generative AI tools introduce new risks, with only 13% of organizations having full visibility into what data is shared in AI tools.

Bridging the Gaps with SASE and Secure Browsers

The report identifies SASE and secure browsers as transformative technologies for addressing workforce security challenges. By leveraging the strengths of both solutions, organizations can create a robust security framework:

  • Protecting against compromises on untrusted personal devices: SASE enforces granular access policies at the network level, while secure browsers isolate the workspace on unmanaged devices. This reduces risks from malware and data leakage, especially on BYOD endpoints.
  • Mitigating security incidents: SASE integrates functions like secure web gateway (SWG), cloud access security broker (CASB), and Zero Trust network access (ZTNA) into a unified, cloud-delivered model for improved efficiency and scalability. Secure browsers complement SASE by embedding security directly in the browser. They provide visibility into user actions across SaaS, web and private applications, enforce last-mile data security policies, and mitigate phishing and malware risks. Together, SASE and secure browsers create a seamless security architecture, extending robust SASE capabilities to the browser.
  • Closing visibility gaps: SASE delivers comprehensive traffic inspection and enables decryption, providing visibility into all applications. Secure browsers enhance this by securing encrypted traffic, such as Office 365 and WhatsApp Web, without the need for decryption. Additionally, secure browsers can work alongside browser extensions to extend visibility and control to consumer browsers when necessary.
  • Addressing GenAI risks: SASE integrates CASB and other advanced capabilities to provide visibility into sanctioned and shadow AI applications, helping prevent sensitive data loss, misconfigurations, and malicious responses. Secure browsers add granular, last-mile data protection to limit data exfiltration, enforce compliance with organizational policies, and further reduce exposure to AI-related risks.
  • Securing mobile BYOD: Secure browsers provide secure access to corporate web, SaaS, and private applications on smartphones and tablets without needing mobile device management (MDM), VPN profiles, or certificates. Advanced phishing protection and identity protection restrictions ensure users can only access corporate apps through a secure environment. This approach protects sensitive information, preserves privacy, and enhances productivity.

As cyberthreats grow more sophisticated, the cost of inaction is steep. Data breaches, regulatory fines and reputational damage can have far-reaching consequences. This report equips security leaders with the insights and strategies to stay ahead of emerging threats and effectively protect their organizations.

Enable Work Without Limits—With Exceptional Security and Productivity

Cybersecurity is not just about technology; it’s also about people. The report emphasizes the importance of balancing security with user experience. Overly restrictive measures can hinder productivity and lead to workarounds that undermine security.

Secure browsers and SASE frameworks address this challenge by seamlessly delivering security in a user-friendly way. By integrating with existing workflows and minimizing disruptions, these solutions empower employees to work securely without sacrificing productivity. This balance is crucial for fostering a culture of security within the organization.

How to Browse Bravely into the Future

The insights in this report are a call to action for IT and security teams. By embracing advanced technologies like Prisma® SASE and Prisma Access Browser, a SASE-native secure browser, organizations can close visibility gaps and mitigate risks across the network and browser from one management console while supporting productivity in a work-from-anywhere world:

  • Address all device types: Unmanaged and poorly managed devices are inevitable and pose significant risks. Use Prisma Access Browser to extend Zero Trust principles and enforce least-privileged access across all devices, including smartphones and tablets with Prisma Access Browser for Mobile, ensuring robust AI-aware security controls without compromising usability.
  • Defense in depth: Leverage Prisma SASE to implement layered security controls at the network level. Then, use the industry’s only SASE-native secure browser, Prisma Access Browser, to enforce critical protections at the browser level. This includes last-mile DLP, threat prevention, and precise Zero Trust enforcement for web, SaaS, and private applications.
  • Achieve exceptional security and usability: The Prisma Access Browser combines advanced security with a frictionless user experience. It enables secure browsing, even on consumer browsers with the Prisma Access Browser Extension, while maintaining productivity and supporting safe, efficient access to business-critical resources.

Empower employees to browse bravely with tools like Prisma Access Browser, which provides secure, seamless access to work while protecting corporate data. Strengthen this approach with ongoing cybersecurity education, ensuring a resilient, security-first mindset across the organization. When security is built into every action, employees can work confidently and productively without compromise.

Don’t wait to secure your future. Download the full report today and take the first step toward optimizing your workforce security.

About the Report

This research, commissioned by Palo Alto Networks and conducted by Omdia, is based on surveys of over 1,000 IT and security leaders across industries. It provides a data-driven analysis of the current security landscape and offers actionable recommendations for organizations of all sizes.

The findings highlight the urgent need for a paradigm shift in how organizations approach cybersecurity. By focusing on visibility, scalability and user experience, the report outlines a clear path for building resilient security architectures that can withstand the challenges of modern work environments.

 

Related Blogs

Announcement, News & Events

Browse Bravely and Secure the Future of Work

Announcement, News & Events, Product Features, Products and Services, Use-Cases

The Critical Role of Enterprise Browsers in a SASE Framework

Announcement, News & Events, Product Features, Products and Services

Prisma SASE 3.0 — Securing Work Where It Happens

Product Features, Products and Services

The New Cybersecurity Duo: Prisma Access Browser and Its Extension

Announcement, News & Events, SD-WAN

Prisma SD-WAN FedRAMP Authorization for a Zero Trust Government Branch

Mobile Users, Product Features, Products and Services, Use-Cases

Ensure Your Company’s Business Continuity with Prisma Access Browser

Subscribe to Sase Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts