Along with this online traffic growth, however, comes the increased risk of cyber-attacks. Over the last 24 months we have seen a significant rise in this activity, sparking concerns from industry commentators. We spoke with Joe Sullivan, CSO at Cloudflare to explore the true extent of this growing digital threat and moreover, what we can do as an industry to help combat this going forward.
Cybersecurity roles are notoriously under fulfilled across many industries, including gaming. Why is it so hard to find good cyber security talent and how can third party solutions such as Cloudflare help with this?
“Even though the cybersecurity profession is developing quickly, and many strong new people are joining the field every day, the growing technical risks (as every company becomes a “tech” company) and increased media, consumer, and regulatory attention given to the area are making more demands than the current workforce can support. Smart security leaders recognize that to do the job well they need to bring together a program that integrates internal employee staffing with third party services and products. Cloudflare offers products that solve a number of security problems that would be untenable to address solely with an internal team, and, importantly, most of our products are designed to be “set it and forget it” — meaning that you don’t have to hire someone just to manage the product full-time.”
What are some of the most dangerous types of cyberattacks out there and how can operators best protect themselves from them?
“Like with other crimes, cybercrime is often motivated by financial gain. Over the last couple of years, we have seen that desire for financial gain leads to an explosion in ransom-related attacks. No company no matter how small is immune from these debilitating attacks. We see attackers spraying ransomware out wide and far looking for opportunities to compromise any network. Small companies need to adopt a zero-trust approach to reduce their risk of being the next one receiving a ransom demand. And larger companies that already have made big investments in zero trust need to anticipate being on the receiving end of DDOS for ransom attacks on their critical infrastructure by implementing always-on DDOS solutions.”
Cloudflare’s network now spans more than 250 cities in over 100 countries around the globe, how does the size of that network help to better serve Cloudflare customers?
“We push our network aggressively out across the planet because it will help our customers. The closer our servers sit to the customer, the better the performance and reliability we can deliver. We use that expansive network to get visibility into attacks as soon as they start and to diffuse them and route around them more efficiently.”
The ongoing shift to digital, accelerated by the impact of Covid-19 has meant that as online activity increases, so does the opportunity for cyber-attacks. How has the impact of Covid-19 influenced the way Cloudflare services its gaming customers?
“There has been a tremendous acceleration in the shift to digital since Covid-19 started spreading, and the internet overall has stood up to this test quite well. At Cloudflare we had to adapt as much as anyone, have become adept at connecting with our customers closely even when we cannot meet physically, and have accelerated development of products and new technologies to support the demands for increased performance, stability and security.”
Many of the operators that are most vulnerable to online attack will be using aged legacy systems. How easy is it for operators to integrate with third party solutions such as Cloudflare on the back end?
“Most companies that are customers of Cloudflare are in some state of transition from legacy systems to use of cloud services and will be for years to come — it is often simply too expensive to replace everything at once. They selected Cloudflare because our network and zero-trust security solutions will support and work seamlessly with both legacy technology and cloud infrastructure.”
After speaking with Joe, it seems clear that in order for gaming companies to ensure their cyber safety for the future, they will need to adopt a strategy that leverages both in-house resources with 3rd party solutions. Going forward, this will be the most effective way to manage the ever-increasing cybersecurity demands.
The remaining threat of ransomware is also worth noting, whether small or large, companies must implement robust zero-trust processes to stay safe. We look forward to seeing how the industry continues to collaborate with innovative solutions providers such as Cloudflare, successfully combating the evolving threats of cybercrime in 2022.