The Audit Podcast: "IA on AI – Keep AI browsers out of your enterprise"

Host: Trent Russell
Date: December 17, 2025

Episode Overview

This episode of The Audit Podcast, part of the IA on AI series, focuses on the critical and timely risk posed by emerging AI-enabled web browsers within enterprise environments. Drawing on insights from leading industry analysts such as Gartner and a new warning from OpenAI, Trent Russell explores why organizations should be vigilant about adopting these browsers, the security and data governance challenges they introduce, and necessary steps for internal auditors and IT leaders.

Key Discussion Points & Insights

1. Gartner's Warning on AI Browsers

• AI browsers cited: OpenAI’s Atlas, Perplexity’s browser, and similar agentic web browsers flagged as major security risks.
• Primary concerns:
  • Unmitigated security risk
    • These browsers can access web pages, emails, and internal content, process data, and potentially leak sensitive information outside of the enterprise’s control.
  • Potential for irreversible, untraceable data leaks
    • The AI’s ability to process and expose sensitive data increases risk.
• Recommendation: Full ban of AI browsers in enterprise settings.

"I think if you are on your AI governance committee, it should be raised to those folks as well." (Trent Russell, 01:07)

2. Understanding AI Browser Risks

• Agentic services in AI browsers:
  • Browsers with agent-like capabilities can act autonomously, sometimes clicking links or taking actions without user prompt.
  • Risk: AI could inadvertently click on phishing links or interact with malicious content.
• Prompt injection attacks explained:
  • Similar to SQL injection but involves embedding hidden prompts in web pages to control browser behavior without user awareness.
  • Example: Hidden text on a web page acts as a prompt and can direct the AI browser to perform unintended actions.

"There could also be hidden text somewhere on the page that's telling your browser what to do, as if you were writing the prompt." (Trent Russell, 02:03)

3. Current Recommendations for Enterprises

• Immediate action:
  • Do not download or allow the use of these AI-powered browsers on work devices.
  • Even recommends avoiding use on personal devices for added precaution.
• Future considerations:
  • Control solutions for AI usage in enterprises may take years to mature.
  • Despite general reluctance to blanket bans, AI browsers are an exception given current risk and lack of robust controls.

"I'm usually not a huge fan of just like, hey, let's block everything so that nobody can have access to it. But I think I would be willing to make the exception here if I was the CTO or someone in that role." (Trent Russell, 03:19)

4. Communicating Risk and Taking Action

• Leverage reputable sources:
  • Use Gartner’s research as authoritative evidence to support internal recommendations—especially if AI governance committees or leadership require external validation.
  • Internal advocacy is more effective when backed by respected industry analysis.

"Maybe if it's coming from Gartner they will be more prone to listening." (Trent Russell, 03:55)

5. OpenAI’s Latest Cybersecurity Warning

• Next-gen AI models and risks:
  • OpenAI reports their next generation models might autonomously develop zero day exploits or facilitate complex hacking operations.
  • General consensus that this shouldn’t surprise anyone, but serious preparations are necessary.
• Internal audit’s role:
  • Critical function is to rigorously evaluate incident response plans in light of escalating AI-driven cyber threats.

"AI driven cyber attacks are going to be insane. I think at this point the best thing we can do from the internal audit perspective is to evaluate with incidents response plans. Make sure we're good to go from there." (Trent Russell, 05:07)

Notable Quotes & Moments

• On raising awareness:
  "I think if you are on your AI governance committee, it should be raised to those folks as well." (01:07)

• On prompt injection:
  "That's basically where you have the AI browser and it is autonomously doing its work through the agentic services and maybe it accidentally clicks on a phishing link or something to that effect." (01:54)

• Balancing risk with innovation:
  "I'm usually not a huge fan of just like, hey, let's block everything...But I think I would be willing to make the exception here if I was the CTO." (03:19)

• On audit’s best next steps:
  "Evaluate with incidents response plans. Make sure we're good to go from there." (05:07)

Important Segment Timestamps

• 00:00–01:07 – Introduction; Gartner warning overview
• 01:08–02:24 – How AI browsers function and security implications
• 02:25–03:18 – Prompt injection attacks and recommendations
• 03:19–03:54 – Immediate organizational steps and leadership messaging
• 03:55–04:22 – Leveraging Gartner’s authority for policy decisions
• 04:23–05:07 – OpenAI cybersecurity warning and next-gen AI concerns
• 05:08–end – Internal audit’s proactive stance

Conclusion

The episode delivers a clear and urgent message: despite rapid AI-related innovation, AI-enabled web browsers introduce sweeping data security and compliance risks for modern enterprises. Immediate, broad restrictions are justified until technology and governance controls can catch up. As Trent Russell emphasizes, auditors and IT leaders need to act decisively, leveraging credible research and ensuring that incident response plans are robust enough for the AI-powered threats of tomorrow.