What if the browser is where enterprise control should have been built all along?

In this interview at Security Edge, Nick Lennon argued that many of the layers organisations have added to secure user activity exist because the browser was never designed for enterprise use.

His point was that control has sat too far away from the place where work actually happens.

By moving policy enforcement closer to the user interface, organisations can reduce security complexity while gaining more visibility over behaviour, data movement, and AI usage.

 

Key takeaways:

  • Consumer browsers have forced enterprises to build layered controls around an environment they do not directly manage.
  • Bringing policy enforcement into the browser can simplify architecture while improving visibility and control over user behaviour.
  • A more unified browser layer can help organisations govern AI use more consistently while supporting safer productivity gains.

 

Consumer browsers create enterprise workarounds

Modern security stacks have grown partly because enterprises have never had much direct control over the browser itself.

Relying on consumer browsers has forced organisations to build layers of controls around them, adding secure web gateways, DNS proxies, malware protections, and other monitoring tools behind the browser.

That has increased cost, created more architectural sprawl, and left gaps between where risk appears and where controls are applied.

Nick’s argument was that many enterprises are compensating for a design problem that was never solved at the browser layer.

 

The browser is becoming a more practical control plane

Embedding policy enforcement into the browser changes where security decisions happen.

Instead of routing traffic through multiple layers of infrastructure to regain control, organisations can apply policies directly in the environment where users are working.

That can simplify architecture while improving user experience.

Nick pointed to browser level controls such as data loss prevention, website access rules, and MFA for legacy applications, all applied without changing the underlying systems.

The shift matters because it brings control closer to the point of action.

 

AI governance and productivity are starting to converge

Nick also argued that the enterprise browser is becoming more relevant as organisations try to govern AI use without slowing adoption.

When employees are using multiple AI tools, governance can quickly become fragmented.

A single browser based policy layer offers a more consistent way to apply controls across those interactions.

That includes managing prompt activity for audit purposes, enforcing DLP policies across AI tools, and supporting agentic workflows inside a more controlled workspace.

In that model, the browser becomes more than a security layer. It also becomes a place where organisations can support productivity while maintaining oversight.

Contributors
Nick Lennon Managing Director ANZ at Island
Nick Lennon is the A/NZ Managing Director of Island, leading the company’s expansion across Australia and New Zealand. He brings deep experience... More

Nick Lennon is the A/NZ Managing Director of Island, leading the company’s expansion across Australia and New Zealand. He brings deep experience scaling technology and cybersecurity businesses across APAC and Europe, with a track record in market development, sales leadership, strategic partnerships, and enterprise account growth. Before joining Island, Nick spent more than 16 years at Mimecast, most recently as Vice President for Asia Pacific. His work focuses on helping organisations adopt modern, secure workspace technologies while strengthening resilience against evolving cyber threats.

Less
Byron Connolly Head of Programs & Value Engagement at ADAPT
Byron Connolly is a highly experienced technology and business journalist, editor, corporate writer, and event producer, and ADAPT’s Head of Programs and... More

Byron Connolly is a highly experienced technology and business journalist, editor, corporate writer, and event producer, and ADAPT’s Head of Programs and Value Engagement.

Prior to joining Adapt, he was the editor-in-chief at CIO Australia and associate editor at CSO Australia. He also created and led the well-known CIO50 awards program in Australia and The CIO Show podcast.

As the Head of Programs, Byron creates valuable insights for ADAPT’s community of senior technology and business professionals, helping them reach their organisational and professional goals. With over 25 years of experience, he has a passion for uncovering stories about the careers and personal philosophies of Australia’s top technology and digital executives.

When he is not working, Byron enjoys hot yoga, swimming, running, and spending time with his family.

Less
security compliance transformation