“The browser is the new cyberbattleground”: NordLayer’s Andrius Buinovskis on the browser security gap most companies leave wide open in 2026

Most companies have spent years hardening their networks, locking down endpoints, and training employees to spot suspicious emails. What many have failed to notice is that the front door has moved: it’s now the browser tab.

“Work has moved to the web, and cybercriminals have followed. Risks like malicious browser extensions, phishing, unintentional insider threats, and infostealer malware now dominate cybersecurity headlines,” says Andrius Buinovskis, Head of Product at NordLayer. “The browser has become the new cyberbattleground, yet it seems that security controls at the browser level remain an afterthought for most organizations.”

It's a gap that has widened quietly. As Buinovskis puts it, the mass adoption of SaaS applications, the normalization of remote work, and the spread of bring-your-own-device policies have collectively turned the browser into the primary workspace for millions of employees.

But the security thinking inside most organizations hasn’t kept pace. General-purpose tools – firewalls, endpoint protection, and email filters – were designed for a different threat model. They weren't built for a world where a compromised browser extension or a convincing phishing page can hand an attacker the keys to an entire company.

Buinovskis is direct about what’s at stake. Because the browser serves as the primary gateway to critical business systems and data, a single compromised employee can become the entry point for a devastating attack on the whole organization. “If a threat actor gains access through a compromised browser – whether through credentials, session hijacking, or lateral movement,” he explains, “they can escalate privileges and exfiltrate sensitive data, putting the entire company at risk.”

The problem with consumer browsers

Consumer-grade browsers, like Chrome, Firefox, and Edge, were built to display content and respond to user commands. They weren’t built to protect businesses. They don’t distinguish fake websites from real ones, they don’t flag credentials being entered into fraudulent forms, and critically, they can’t override a user’s decision. That last point is what makes the browser uniquely difficult to defend.

Statistics bear this out in an uncomfortable way: employees aren’t clicking fewer phishing links than they did five years ago – if anything, the problem is getting worse. “User error cannot be eliminated, only mitigated,” says Buinovskis.

The solution to this browser security gap? The NordLayer Browser – a purpose-built business browser designed to stop relying on users to catch threats themselves, and instead block those threats before they can be exploited. That means malicious site blocking, data loss prevention controls, and admin-enforced policies that intervene at the point of interaction, containing human error before it becomes a company-wide incident.

The distinction between bolting security onto an existing browser versus building it in from the ground up matters more than it might appear. As Buinovskis explains, external add-on solutions are constrained by the limitations of the underlying browser. “Controlling the codebase of the browser allows us to create more granular and extended security features. Bolted-on solutions are external; consequently, they’re constricted by the browser’s limitations,” he says. “With the NordLayer Browser, we’re expanding and boosting the security controls and features to meet the needs of businesses seeking robust, policy-driven browser security at scale.”

The BYOD blind spot

Personal and unmanaged devices present a particular challenge. Every one of them is an additional endpoint expanding the company’s attack surface, and none of them should ever be fully trusted. The standard advice – enforce MFA, run device posture checks, apply zero-trust principles – is sound, but it runs into a practical obstacle: employees are often unwilling to install management software on their personal devices, and reasonably so.

The NordLayer Browser sidesteps that friction. By containing all work-related activity within a single application, it gives organizations meaningful control without requiring deep access to a personal device. “A dedicated business browser solves this by containing all work-related activity within one application, making it the ideal fit,” Buinovskis says.

What is the NordLayer Browser?

The NordLayer Browser is a dedicated business browser built by NordLayer, the network security arm of Nord Security, the company behind NordVPN. Unlike consumer browsers adapted for workplace use through extensions or policy overlays, it was developed from the ground up with business security as its core design principle.

“Security is at the forefront of the NordLayer Browser,” says Buinovskis. “It’s equipped with tools designed to offer security administrators observability and control over what the user is accessing, what websites they’re visiting, and how they’re interacting with them.”

In practice, that means centralized visibility and control: monitoring which websites and SaaS applications employees are accessing, managing browser extensions, enforcing single sign-on and multi-factor authentication, and deploying data loss prevention controls that restrict actions like clipboard use, file downloads, and access to unauthorized applications. Traffic is routed through approved gateways and secure tunnels, bringing zero-trust principles directly into the browser, ensuring each user only reaches what their role requires.

The browser is aimed squarely at small and medium-sized businesses. “We designed the NordLayer Browser to be easy to deploy, set up, and manage,” Buinovskis says, “all while delivering advanced security features that safeguard company resources.”

The NordLayer Browser is currently available for business deployment through NordLayer’s existing network security platform.

Visit NordLayer Browser

Enterprise-grade protection, without the enterprise price tag

NordLayer is positioning its business browser explicitly for small and medium-sized businesses: a deliberate choice that, as Buinovskis puts it, reflects a real gap in the market. Enterprise browser solutions exist, but they tend to come with enterprise-level complexity and pricing that puts them out of reach for smaller organizations. “The small and mid-market needs browser-level security,” he says, “but existing enterprise browser solutions are too complex and difficult to manage.” The NordLayer Browser is designed to be straightforward to deploy and administer, without sacrificing the depth of control that serious security requires.

So where should a company that wants to take browser security seriously actually begin? For Buinovskis, the answer is straightforward: start with visibility. “The key step is to empower security administrators by providing them with observability of browser activity and the ability to implement centralized security controls in the browser,” he says. “The easiest and quickest way to do that is to deploy the NordLayer Browser.”

Once it's in place, the picture that emerges is often eye-opening. Security administrators gain a comprehensive overview of which websites employees are visiting, which browser extensions they're running, and which SaaS tools they’re using – much of it shadow IT that the organization had no visibility into before. From there, administrators can set rules to block malicious or unauthorized sites, restrict clipboard access, camera, microphone, and file downloads, and secure SaaS access through single sign-on and MFA.

The next step, according to Buinovskis, is mapping out resources and access needs. “Organizations should catalog the web applications and data categories their teams use, classify them by sensitivity, and define which roles require what under which conditions,” he explains – laying the groundwork for least-privilege, in-browser segmentation that limits what any one employee can reach. “Security administrators can block and allow access to internal and web-based cloud resources, ensuring that employees are only accessing what’s necessary for their role,” he adds, “and ensuring that the impact of a possible data breach is minimized.”

Traffic is routed through approved gateways and secure tunnels to private resources, bringing zero-trust principles directly into the browser itself. Until recently, this kind of granular browser-level control lived in dedicated endpoint security tools rather than the browser itself. The NordLayer Browser is built on the premise that it shouldn’t be.

It starts with seeing clearly

For organizations that want to take browser security seriously, Buinovskis says the first move is simpler than most expect. “The key step is to empower security administrators by providing them with observability of browser activity and the ability to implement centralized security controls in the browser,” he says. The technology exists. The gap, more often than not, is awareness.

That awareness tends to shift quickly once organizations actually see what's happening inside their browsers. Shadow IT, unauthorized extensions, unsanctioned SaaS tools – for most companies, deploying a dedicated business browser is the first time they've had a clear picture of any of it.

The broader point Buinovskis keeps returning to is one of priority, not complexity. Browser security doesn't require a large team or an enterprise budget. It requires recognizing that the browser is no longer just a window to the web – it’s an endpoint, a gateway, and increasingly, the place where breaches begin.

“Security controls at the browser level remain an afterthought for most organizations,” he says. The argument NordLayer is making – and the product it has built – is that in 2026, that's no longer a position any business can afford to hold.