Web browsers have become a major security weak point for enterprises, and Safari is often the most overlooked. A new report from Omdia, commissioned by Parallels, surveyed 400 IT and cybersecurity professionals and found that 68% of organizations are seeing an increase in browser-based security incidents. Since most enterprise SaaS applications run in browsers, this represents a significant and growing threat vector that IT teams are struggling to address.

The browser support landscape reveals why the problem persists. While Google Chrome is formally supported by 88% of organizations and Microsoft Edge by 84%, Safari sits at just 46%. More concerning, 27% of organizations report that Safari is in use but not actively managed. On Macs, users naturally gravitate toward Safari for its speed and battery efficiency, yet IT departments often fail to implement proper management controls—creating a substantial shadow IT vulnerability right on employee desktops.

The consequences are tangible: 55% of surveyed organizations experienced or nearly experienced browser-based attacks in the past 12 months, with 22% suffering multiple successful breaches. Phishing leads at 40%, followed by data loss at 38% and malicious extensions at 34%. IT administrators need to either lock down Safari through device management, deploy purpose-built enterprise browsers like Island, or leverage secure extensions—treating browser security with the same rigor applied to macOS itself.