There are estimates that global internet traffic could reach 175 zettabytes by 2025. Securing this vast digital ecosystem is complex. Amid the mass of data, Cloudflare has emerged as a significant player in shaping internet infrastructure and cybersecurity practices.
In a recent interview with Cloud Computing News, Alissa Starzak, Cloudflare’s Deputy Chief Legal Officer and Global Head of Public Policy, provided insights into the company’s approach to modern cyber threats and its mission to democratise internet protection.
Cloudflare’s free services revolution
Since its inception in 2010, Cloudflare has been trying to level the playing field in cybersecurity. Thus, the company decided to offer free services, a move that disrupted the industry and extended enterprise-grade protection to small businesses and individuals. “We were sort of a disruptor in our space,” Starzak said, “because we launched with a free set of services.”
Cloudflare launched its free tier as the company launched – fourteen years ago, on September 27, 2010. It believes its democratisation of cybersecurity has had far-reaching implications. Small businesses, previously priced out of robust online protection, have since benefited from content caching, improved access speeds, and critical cybersecurity services.
It created Project Galileo in 2014, highlighting its commitment to the “Tech for Good” initiative, providing free cybersecurity services to nonprofits and civil society organisations. Starzak recounted how the project was born after the company’s CEO noticed a Ukrainian press organisation reporting that Crimea was at risk of being knocked offline by a cyber attack.
“That should never happen,” Starzak stated, highlighting the role of cybersecurity in protecting freedom of information and civil discourse. Any qualified vulnerable public interest site can seek participation in Project Galileo, part of Cloudflare’s efforts to protect vulnerable voices online and ensure that financial constraints don’t silence important narratives.
According to Cloudflare’s Impact Report, as of 2023, the project had protected over 2,400 organisations in 111 countries, mitigating an average of 67.7 million daily attacks.
The AI revolution: A double-edged sword in cybersecurity
There is no denying that as AI reshapes the technological landscape, the impact on cybersecurity is profound and multifaceted. Starzak provided a perspective on AI’s role in defending against and creating new threats. On the defensive front, she said Cloudflare is leveraging AI to change threat detection methods and responses.
“We’ve actually done some things that are using AI to identify certain kinds of vulnerabilities and employ protections against them in an automated way,” Starzak explained. This application of machine learning has increased the company’s ability to protect its clients from emerging threats, she said.
Starzak acknowledged the potential for AI to be weaponised by malicious actors. While noting that large-scale AI-driven attacks haven’t yet materialised in force, she emphasised the need for continued vigilance and innovation in defensive strategies.
This aligns with industry trends. A 2021 report by Capgemini found that 69% of organisations acknowledge that they won’t be able to respond to critical threats without AI.
Balancing act: Free speech and content moderation
There’s also the complex web of internet governance, where Cloudflare finds itself at the intersection of free speech and content moderation. Highlighting the company’s nuanced approach to this challenge, Starzak emphasised the importance of maintaining clear distinctions between different types of internet services.
“We try to distinguish our kinds of services,” she said, distinguishing cutting off internet access and removing a single image. A granular approach allows Cloudflare to make more targeted decisions, avoiding broad actions that could have unintended consequences for free expression online.
Starzak elaborated, “If you think about an ISP versus a social media company, they look very different. And so for us, the idea has been, okay, let’s try and maintain some of those lanes and those lines because if you end up disrupting connectivity, you have a longer-term harm.”
Protecting the vulnerable: A call to action
Starzak called for greater attention to protecting the vulnerable. She highlighted the often-overlooked plight of small nonprofits and civil society organisations that lack the resources for robust cybersecurity measures.
“We haven’t been talking about them for as long as we should,” she lamented, recounting a story of a nonprofit that lost 20 years of work to a cyber attack. This, she said, underscores the critical need for accessible, user-friendly cybersecurity tools and practices tailored to organisations with limited IT resources.
Starzak pointed out efforts by the US Cybersecurity and Infrastructure Security Agency (CISA): “They’ve started to think about what toolkits look like. If you’re a small nonprofit, what do you need to have? What should you be thinking about?” Initiatives like these align with the cybersecurity industry’s recognition of advanced technology and accessible solutions for organisations of all sizes.
Looking ahead: Cloudflare’s vision for a secure digital future
Through initiatives like Project Galileo, strategic applications of AI in defence, and a nuanced approach to content moderation, Cloudflare is not just responding to the challenges of today – it’s working to create a more secure, accessible, and equitable internet.
Cloudflare’s mission to “help build a better internet” is significant. As Starzak says, it is about more than just technology – it’s about empowering individuals, protecting vulnerable voices, and ensuring that the benefits of the digital age are accessible to all.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.