Freely subscribe to our NEWSLETTER

Global Security Mag: What will you be talking about at the 2022 FIC - International Cybersecurity Forum ?

Boris Lecoeur: We will be talking about a number of innovative solutions, starting with our Cloudflare One cybersecurity solution, which includes our Zero Trust services platform but also email security, which we have strengthened with the acquisition of Area1. While we’re on the subject, I’d like to remind you that 95% of compromises still happen via email. We will also be presenting the recent releases of our DDoS protection and SASE offerings as well as our latest services for securing APIs, which are becoming the most prevalent type of traffic on the Internet. Lastly, we’ll also be showcasing the latest version of our Data Localization Suite (DLS) solution, which now also incorporates technology from Zaraz (a startup we acquired in late 2021) and thus ensures that tracking data used by third-party scripts like Google Analytics stays within the European Union. What all our solutions have in common is that our customers don’t have to choose between performance and security or between data protection and data security. We offer a holistic solution that combines performance, security and data protection.

Global Security Mag: What are the strengths of the solutions you’ll be presenting at this event?

Boris Lecoeur: Cloudflare’s mission is to help build a better Internet that is more performant, more reliable and more secure. All of our products and services are designed natively around these three points. Over the past two years, we’ve scaled up our Zero Trust solutions and launched new offerings such as our Remote Browser Isolation, which isolates the Internet browser on our Edge Computing points; Area 1, which offers the most advanced cloud-based functionalities to protect email systems, particularly against sophisticated phishing attacks; and Vectrix, a CASBI solution built into our Zero Trust offerings. Cloudflare now offers the broadest functional coverage to protect users, applications and infrastructure. We’ve also just received three new certifications to add to the many already awarded: the C5, the ISO/IEC 27018:2019 standard and the European Code of Conduct (CoC) issued by the European institution SKOPE. We’re very proud of this because we’re one of the very few companies that have been able to obtain these certifications.

Global Security Mag: Have you noticed any new cyber threats emerging since the beginning of the year?

Boris Lecoeur: Cyber threats never stop. They keep increasing and they are polymorphic. Just when you think you’ve got rid of one of them, another one pops up or even a new form of the one you thought you’d beaten. It’s a battle that requires not only constant monitoring but also fast-paced innovation. That’s what we’re striving for here at Cloudflare. I’ve already mentioned email threats but DDoS attacks are also on the rise in both frequency and severity. For example, in April of this year, Cloudflare detected and mitigated a 15.3-million-request-per-second (rps) HTTPS DDos attack, the largest attack on this protocol to date.

Global Security Mag: How should technologies evolve to counter these threats?

Boris Lecoeur: It’s not just the technologies that need to evolve, but also the approaches and response times to attacks and compromises. Traditional “fortress” models designed with traditional equipment such as firewalls and VPNs are no longer suited to either the threats or the uses. This is what Zero Trust is all about. Cloudflare enables a simple implementation on our Edge with one of the most connected networks in the world. This is the concept behind SASE (Secure Access Service Edge), the security as close as possible to users, attackers and applications. It’s also essential that we rethink the way we move technology, research and innovation forward. Rapid innovation is becoming one of the pillars of defense. In this area, Cloudflare has the mechanisms to innovate at an unprecedented speed: in 2021, we launched more than 800 new features or products.

Global Security Mag: In your opinion, how can people contribute to strengthening the defense strategy to be deployed?

Boris Lecoeur: People are an essential element of an effective defense and security strategy. If the human factor is neglected, it becomes the weakest link in the whole strategy. At Cloudflare, we believe that each and every one of us is an avatar of our CISO. That’s how effective security begins. It starts with education and training. And it’s also true at home, with the family. I would encourage readers to install Cloudflare 1.1.1.1 for free on all their connected devices.

Global Security Mag: There has been a skills shortage for years. What can cybersecurity players do to attract new talent?

Boris Lecoeur: Even though the cybersecurity profession is developing quickly and many strong new people are joining the field every day, the growing technical risks (as every company becomes a “tech” company) and increased media, consumer, and regulatory attention given to the area are making more demands than the current workforce can support. Smart security leaders recognize that to do the job well they need to bring together a program that integrates internal employee staffing with third party services and products. Cloudflare offers products that solve a number of security problems that would be untenable to address solely with an internal team, and, importantly, most of our products are designed to be “set it and forget it” — meaning that you don’t have to hire someone just to manage the product full-time.

Global Security Mag: What message would you like to convey to CISOs?

Boris Lecoeur: Try it out. Our Cloud solutions can be trialed very quickly and easily. After a few days, the results speak for themselves and migration only takes a few weeks. We are there for them, to advise and support them in their security efforts. Also, to go back to the talent search we were talking about earlier, my advice is to be open and to incorporate diversity into their recruitment strategy in order to have a team with diverse backgrounds. Then, for those who are not in cloud-native organizations and therefore have an existing on-premise infrastructure (which is the case for most large companies and public organizations), I recommend that they continue to transition from legacy systems to using cloud services over the next few years. At Cloudflare, we understand that it’s often too costly and complicated to replace everything at once, which is why our Zero Trust network and security solutions support and work seamlessly with both legacy technologies and cloud infrastructures. From a financial point of view, I would advise them to be careful not only about the set-up costs but also about the exit costs, the so-called “egress fees”, which can be very steep with some providers. There are hardly any egress fees with Cloudflare. It was with this in mind that we formed the Bandwidth Alliance in which we’ve been joined by other cloud providers.