RSAC 2024

Cloudflare’s VP Security Technology, Operations On The Evolution Of DDoS, Election Security And AI

Expert Insights interviews Larry Wiggins, Vice President Of Security Technology & Operations at Cloudflare.

Last updated on Jun 28, 2024
Joel Witts Written by Joel Witts
Larry Wiggins - Cloudflare

Cloudflare is a leading connectivity cloud company used by millions of organizations globally to protect their networks from web-based threats.  Cloudflare blocks billions of online threats every day and helps organizations of all sizes stop advanced cybersecurity attacks. 

As cyber threats continue to evolve and grow more complex, Cloudflare is on the front line in helping not just organizations, but countries and territories stay protected. “Anytime there’s geopolitical problems, we see a significant uptick in attacks,” Larry Wiggins, VP of Security Technology at Cloudflare tells Expert Insights.

In this interview, conducted live at the RSA Conference 2024 in San Francisco, Larry provides his insights into Cloudflare’s strategies for securing systems and data in an increasingly sophisticated threat landscape, his top advice for CISOs attending the show, and the most exciting trends in the cybersecurity world.

The following Q&A has been edited for clarity and length. You can watch the full interview with Larry here or listen on the Expert Insights Podcast.

What is the #1 issue the Cloudflare team is here at RSA to discuss this year?

We’ve got several topics we’re going to talk about, not the least of which is election security around the world. We’re going to talk about AI. I’ll also be talking on Thursday about supply chain attacks, and how we can better mitigate those. 

Cloudflare recently released its DDoS Threat Report for Q1 2024, which found a 50% increase in DDoS attacks. What do you see as driving the increase in DDoS, and how are the attacks evolving?

DDoS attacks used to be fairly straightforward, fairly nuisance based. It put a company on its knees, but then would back-off, and the company could resume operations.

What we’re seeing more and more as DDoS attacks are being used to actually leverage much more malicious attacks. So, for instance, we’re seeing heavier traffic flows, more requests per second, bigger breakdowns in the attacks. We’re also seeing more widespread attacks. 

What it ultimately comes to from Cloudflare’s perspective, is that these DDoS attacks that we’re seeing, they’re really nothing new. It’s just a new way to use an old tool. If it’s not broke, don’t fix it.

How do you see DDoS attacks particularly affecting small businesses?

DDoS attacks used to be targeted largely at government and large businesses, enterprises. But, because of the proximity to the supply chain, it’s just as easy to knock a big business and a major player offline by attacking their supply chain.

Those small and medium sized businesses often don’t have the key security capabilities to protect themselves from a DDoS attack. So now they’re being attacked as a way to leverage up to the larger scale enterprises.

We’ve seen Cloudflare become a leader in the Secure Access Service Edge (SASE) and Security Service Edge (SSE) space, with your consolidated platform for network security. Can you talk a little bit about the benefits of that approach for teams and what you’re seeing in that space? 

When we talk about SASE and zero trust access, what we’re really talking about is, how do we limit and restrict trust to those individuals who in applications and ultimately other clouds that are accessing our networks.

The old days of being able to VPN from a known location into a data center are largely gone. At this point, we connect remotely to a data center, a cloud, a company, a SaaS application.  So, what we’re really looking at with zero trust access, and with SASE products, is how do we on-ramp up into a premise. 

And that’s where Cloudflare tries to take their connectivity cloud, and connect not just SaaS providers, but other public clouds, Cloudflare’s cloud, and on-prem applications all into one network. And then protect that network and the users that use it.

To circle back, you mentioned election security as being one of your main talking points. Can I ask you how Cloudflare is positioned in that conversation and what you are here to discuss?

Anytime there’s geopolitical problems, we see a significant uptick in attacks. We see it when Sweden and Finland joined NATO, and we started seeing the number of DDoS attacks against their sites spike up.  We see it pre-empting and during the troubles in the Middle East in October. 

Anytime we see those types of geopolitical problems, or there’s an election at play, we start seeing websites attempted to be taken offline. We start seeing more requests to have sites taken offline or DNS removed as a way to impede information flow. 

And ultimately, where Cloudflare wants to be in the middle of, and often does get in the middle of, is our ability to protect that data flow and protect that information flow. And to make sure that elections can go on go unimpeded. Or as unimpeded as possible.

What new announcements and innovations can we expect from Cloudflare this year?

We’re focused a lot around protecting elections. we’re also focused very heavily on AI. We’re continuing to protect against DDoS. As far as big announcements, we’re focused on how we can best serve our customers, best protect customers, and keep those elections free. 

If you could give one piece of advice to the CISOs and security leaders attending the conference this year, what would it be?

Continue to learn. Always. AI is currently the big thing. Obviously, there’s risks, threats and opportunities on all sides of AI. Whether you’re looking at it from the standpoint of: How do I protect my data going into the LLM? Or, how do I better leverage an LLM to get better information and better insights?

I think every CISO out there is struggling with multiple stakeholders in their company that want to leverage AI to do things faster and do things with fewer people. Ultimately, it’s going to come down to the actual business use case. And CISO’s are going to be expected to manage those use cases securely.

Taking the opportunity here at RSAC to learn more about it, learn how they can protect it, learn how they can use it to further their own security needs. I think learning is the best opportunity they’ve got. 

What’s most exciting you in the cybersecurity space today?

I’d be lying if I didn’t say it was AI. I think there’s huge opportunities that we are only just starting to tap. Everybody looks at AI as: “How can I do things faster?”

If I’m a developer: “How can I develop, redevelop the things that have already been done?” And then there’s obviously, you know, large dataset problems. 

But I think the most exciting parts of AI, as it relates to security, have yet to be discovered.

Listen On The Expert Insights Podcast

Learn more about Cloudflare: https://www.cloudflare.com/

About Expert Insights

Expert Insights is a B2B research and review platform for IT solutions and services. We help over one million IT managers, CISOs, small business owners, and other professionals discover the best IT and cybersecurity solutions.

Joel Witts

Content Director

LinkedIn Email
Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.