Photo by Sarah Ferrante Goodrich / Unsplash
This October is the 15th annual National Cybersecurity Awareness Month in the United States, a collaboration between the US government and industry to raise awareness about the part we can all play in staying more secure online. Here at Cloudflare, where our mission is to help build a better internet, we look forward to this month all year.
As part of this month-long education campaign, Cloudflare is participating in D.C CyberWeek this week, the largest cybersecurity festival in the U.S, taking place in Washington, DC. This year’s event is expected to have over 10,000 attendees, more than 100 events, and feature representatives from over 180 agencies, private companies, and service providers. We will join with other leaders in cybersecurity, to share best practices, find ways to collaborate, and work to achieve common goals.
Along with the United States, the European Union also runs a month-long cyber awareness campaign in October, with the initiative having started back in 2012. The aim of this advocacy campaign is similar: promoting cybersecurity among citizens and organizations, and providing information on available tools and resources. Watch our CTO speak to some main considerations around good cyber hygiene, business practices and appropriate policy-making in the field of cybersecurity as part of EU #CyberSecMonth.
Cloudflare’s Cybersecurity Commitment
As well as our own company efforts, we have joined with 60 other global companies to sign on to the Cybersecurity Tech Accord. The Tech Accord is a public commitment to protect and empower civilians to take action to secure the internet. The accord itself covers four simple commitments:
That we will protect all of our users everywhere
That we will oppose cyberattacks on innocent citizens and enterprises from anywhere
That we will help empower users, customers, and developers to strengthen cybersecurity protection
That we will partner with each other and with like-minded groups to enhance cybersecurity
But more than that, it is about creating a forum where companies large and small can come together to share best practices, debate threats, and hold each other accountable for our efforts in this arena. It is also a place where we can share ideas for ways in which the government can help shape good cybersecurity hygiene through appropriate laws and policies. Signing on was an easy decision for us; these are commitments we have long supported in practice.
Cloudflare’s Cybersecurity Contribution
Beyond our collaboration with the cybersecurity community, Cloudflare runs two other initiatives, designed to make the internet a more secure place for vulnerable groups who might lack financial or technical resources.
Project Galileo
At Cloudflare, we believe that limited resources shouldn’t preclude vulnerable groups from receiving the support they need. As part of our commitment to the overall health of the internet, we started Project Galileo in 2014 to ensure that at-risk public interest groups are able to stay online securely. We started it in response to cyber attacks launched with the intent of silencing important and vulnerable groups, like humanitarian organizations, political dissidents, and artistic groups. We partner with well-respected free speech, public interest, and civil society organizations to help us identify at-risk websites in need of our pro bono efforts. Once our partners have identified these groups, we extend our DDoS and WAF protection to ensure these websites stay online. The hundreds of websites we protect through Project Galileo includes sites for a national organization providing crisis intervention and suicide prevention services to lesbian, gay, bisexual, transgender and questioning (LGBTQ) young people, an editorial cartoonist, to an organization designed to help veterans with PTSD.
The Athenian Project
The Athenian Project was born out of a recognition that state and local governments had similar challenges as our Project Galileo participants. In an era of increasing distrust on the internet, it is essential that state and locally run election websites are safe, accurate, and online. So we extended our Enterprise-level services to those sites for free. We believe it’s imperative that voter data and election integrity is maintained, and that we can and should help prevent attackers from stealing sensitive voter information that may allow them to sway an election. Election sites should stay online during peak times, like voter registration deadlines, and election days. We have seen huge surges of traffic in those key days, and our AnyCast network has allowed these sites to stay up.
Moving Forward
We believe CyberWeek is an important time for private companies to spend some time thinking about the broader world. This is just the tip of the iceberg, as we continue to think about new and innovative ways we can be good members of this community. We hope that you will join us in our efforts to help make the internet more secure.