As LLMs become the gateway to the internet, agentic AI grows ubiquitous, and the threat landscape evolves faster, CISOs may need to think about security modernization in a new way. Everything from endpoint access to fraud strategies to data localization will be affected, says Grant Bourzikas, Chief Security Officer, Cloudflare. Still, he believes that despite these critical shifts in the financial sector’s digital landscape, the basics will be even more important: contextualized intelligence, core security principles – and common sense.
Transcription (edited for clarity)
Elizabeth Heathfield, Chief Corporate Affairs Officer, FS-ISAC: Welcome to the FS-ISAC podcast, FinCyber Today. I'm Elizabeth Heathfield, Chief Corporate Affairs Officer at FS-ISAC. Cloudflare, a key partner to the financial sector and part of our Critical Providers Program, has a pretty unique position in that 20% of the world's Internet traffic goes through its network. So it was fascinating to hear what Grant Bourzikas, Cloudflare's Chief Security Officer, thinks about how AI is changing the very nature of the Internet and the threats and risks associated with it that the financial sector needs to understand.
Heathfield: So let's start with the basics. How are you seeing the nature of the Internet change as LLMs come into daily use?
Grant Bourzikas, Chief Security Officer, Cloudflare: The Internet business model is changing. So today, if you search ‘who is Cloudflare,’ it's going to come up on Google. It's not going to actually go to cloudflare.com. It'll actually go to Google, and it will provide all of the content that the LLMs have done. There's not a business model for paid search. And then what's going to happen is that the content in the LLMs is going to erode.
We've taken a big stance on this because about 20% of all websites come through us. We see every IP address on the Internet roughly six times a day. And so we have a handle on what's going on, on the Internet.
The other interesting thing is that only about 7% of all AI bots are coming from the Anthropics and the DeepSeeks and the Geminis of the world. And so you have 93% of bots that we don't know what's going on with. What we did on July 1st was, we created technologies and our bot capabilities, and we actually are blocking by default all the AIs, LLMs, the caching services that are actually pulling that data into the models. Now it's going to be a paid-for service that we're working on with many content writers.
Most of the big publications in the world are using us now, [asking] ‘how do I actually create my business model of the future?’ Which is going to be a shared revenue component with them.
Heathfield: So how did you weigh all of that in this consideration of the blocking of the web scraping? And then let's talk about how the financial sector is going to be impacted by this and how you think we should be dealing with it.
Bourzikas: Statistics are probably the best thing on this. Ten years ago, for every visitor that Google sent you, they crawled the website twice. That seems like, ‘hey, we're going to crawl your website and we're going to send it out.’ Six months ago, Google was six to one. So, they went from two to one to six to one. OpenAI, six months ago, was 250 crawls for every one user, and Anthropic was 6,000 crawls to every one user. Today, it’s 18 to one for Google. OpenAI is 1,500 to one, and Anthropic is 60,000 to one. What this means is that they're taking the content and bringing it back.
When we think about this, this is a media thing: 'How do I actually get content? How do I think about freedom of speech?’ From a cyber standpoint, we're already really good at this with our bot detection, our bot products. And so it's just turning it a little bit different; instead of trying to identify a bot, it's trying to stop the bot, and how do we do this.
It sounds like this is a bad thing for the LLMs. But the LLM providers – the Googles and the OpenAIs – are all supportive of this because they realize that they can't cannibalize the content. Because the content will not be generated [if they do]. There's actually a big partnership between us and all of the OpenAIs of the world; they're large customers of ours.
The media organizations say ‘we have to find a sustainable way from a business model on how the internet's going to be consumed.’ Because you can already see it, that content is going to get into a [large language] model. People are going to stop writing content, and the model’s going to become less sophisticated and interesting. I think that is a key thing.
And even from a strategy [perspective], you should know what you're going to protect and what you're not. And security people say, ‘well, didn’t we have robots.txt and all these files to protect it?’ Well, they weren't listening, right? I mean, we always say in cyber that people just would ignore the robots.txt file; they would just go around it. We as security practitioners know that if we try to put some sort of enforcement up, they'll go around it, and we'll put another enforcement up. And this is the way it's gone on for as long as I've been in cyber, since the late 90s. It's just this cyclical process.
Heathfield: Right, and we obviously know about deepfake-enabled fraud and all of that kind of stuff. But if customers can't tell what's real, what are the threats that the financial sector needs to be thinking about? And how do we need to think about this sea change in how the Internet is going to work in terms of preserving the trust of our customers and other stakeholders?
Bourzikas: You know, when I think about financial [services] and banks, I think, ‘how do I think about KYC [Know Your Customer]? How do I think about authenticating users?’ I should be thinking about it today, but I'm going to be really concerned in two years. And back to your first point, which is the content that is being captured looks at commonalities, right? You're trying to find commonalities. You're crowdsourcing things within an NLP [Natural Language Processor]. You'll have a hard time determining what is accurate, what is not accurate, and it will just produce what articles are out there. And so we all know that these LLMs are looking at content in aggregate, not necessarily the quality of content. And so [LLM providers will] have to look at how they're doing that. I'm sure they're doing that already. But I think those are things.
And so when we start to think about how we're – you know, if you look at me, I'm relatively out there. You can see my face, you can hear my voice. It wouldn't be hard to try to get me or have somebody impersonate me in my bank trying to make a wire. How do you know it is me? You text my phone. Well, you know about phishing and smishing and all of those things, right? We can't do video anymore – we're already seeing threat actors do video and deepfakes on interviews to try to get jobs. We already know that they're finding avenues. Voice recognition is very easy to do.
[We need to think] just in simple terms of knowing our customer, understanding who our customer is, if they're not sitting in front of us. And I think that is going to be a problem. There are technologies that we will try to do, and they're out there in the market. I think a lot of the venture capital space is in this AI thing of ‘how do we look at and think about fraud and how do we think about these things?’
But [comparing] deepfakes two or three years ago to where they are now, it’s wildly different. And I think, you know, that leaves the question, which is, 'does that seem real?’ I think it's a question I always ask. Like, ‘did that person really say that, or is that a fake?’ And I think to your question about how are we going to understand if something is real or fake is really hard. When we think about ‘how are we going to authenticate people’, ‘how are we going to authorize into the systems,’ it's going to be a problem we're going to have to think about and address because this data is out there.
Heathfield: You think about somebody who's not switched on to it. You know, I don't know how we can hold people to expectations that frankly, I don't even know that we could meet even if we tried. Especially when deepfakes are getting more and more sophisticated and more and more realistic, and you know, branded emails and branded phone numbers and all of that are so easy to impersonate. It feels like a lot to be asking of customers.
Bourzikas: I think it is. The scenario we always hear that’s the bad one – you get a phone call from your son who says ‘I need $1000. I'm in a bad spot.’ And it sounds like him. That's easy to do. What we're seeing is much more advanced. We might even see a phishing e-mail followed up by a phone call. I think we have to use and apply the commonsense rule, like would my son call me asking for $1000?
But I've also been with people that have been in that situation, and their kids did ask them for $1000. ‘I needed some money. I haven't got paid yet, and I'm moving into a new apartment, and I need money, Mom or Dad.’ I've seen that. And so I think we're going to have to go back to, you know, is that a real thing? Because what we're seeing in the threat landscape, I think, is very interesting. The attackers are targeting your heart or things that you're not thinking about, right?
The one that pops into my mind is, is anybody thinking about DNS registration and registrars, and trying to take over your DNS records? Well, they are, and they're finding different ways of trying to attack you. You know, we've seen that. The DNS thing is interesting because if I'm trying to take over the registrar for cloudflare.com, and if I can get cloudflare.com, I can do a lot of bad things, right?
Or we're seeing payroll systems attacked, and I'm trying to change your account information. And various things with domain hijacking, taking over advertising accounts that have [reputational consequences]. They're doing it in a way that is very creative versus mass scale.
When I think about these things – it’s [doing simple things]. Maybe you should just call your son or daughter back. Just say, ‘let me call you back.’ You're doing things that are a little bit more simplistic and doing the same thing the banks have always [encouraged] – they say ‘we will never call you. If you have a problem, make sure you call [the number] on the back of your credit card,’ right?
And so I think some of these brash tactics are going to get better because they're just very easy and they can catch you at a bad time. I think if somebody that wasn't cognizant, like your parents or siblings or your friends – that, you know, could be a nurse or a doctor – they may not pick this up. And I think getting some of this common sense [is necessary]. We see it on the Internet, we see it on Twitter, we see it on Facebook, we see it on Instagram, like, is that real? And I think we have to add the question I always ask – is that real? I was watching something this morning and asking ‘is that real? I don't think that's real.’
And the other one is, you're seeing very convincing people. The way they talk is very authoritative, very confident, and [it seems] like that person must be right. When you start to get deepfakes and voice recognition really tearing at your heart on attacks, I think that becomes a very difficult thing to defend [against]. And people are going to have to get a little more sophisticated – or what I call more basic – on ‘I don't think my bank calls me, I'm going to call you back.’ The things that I always think about are, how do we do this, and put back a little bit of the human touch, because we've gone all digital … I like to go visit people and see people in person. If I meet you over Zoom versus meet you in life, you have a better connection. And so as we think about these things, there might be a little bit of a retraction back to some of the old ways we used to do business, with handshakes and making sure we understand these things. That may be the better way to do things because what happens in the next five or 10 or 15 or 20 years is going to be wildly different. With artificial intelligence and LLMs and robots and all the things. I think if we can use it for good, it'll be all positive for us. But we don’t all use everything for good, right?
Heathfield: I do wonder what that means in a financial system that has essentially gone completely digital, right? When was the last time you went to a bank branch?
Bourzikas: I think it'll be very interesting for different types of transactions. If you have to place a big wire for your home, it may be different, right? I think where we have to get to with this is better intelligence, to contextualize intelligence. We're seeing a lot of threat actors doing a lot of things … in the sharing of data, the sharing of public/private partnerships. We're doing a lot of work with some of the larger banks on how we can think about data. At the end of the day, it's an IP address. It's some sort of context, but what I would even say is what the Internet does, moving into IPv6, shared IPs, it's hard. Everything's encrypted, so it makes it a lot harder. But I think that's going to be a key piece to the future of how we actually understand analytics and behavioral analytics around what customers are doing. I think it's going to be a very key thing and probably more important in the future than it has been in the past. I probably have predictable patterns. Maybe I don't, I don't know. I think organizations are going to have to do it. It goes back to we have to use artificial intelligence in the banks and the financial services – we can't tell people not to use [AI], ‘it's bad, it's evil, they're going to take our data,’ because we're going to have to use the systems and those technologies to be able to fight the bad guys, right?
And so how do we do these things? How do we actually shorten a development lifecycle on this? How do we shorten the time that gets a detection out there, whether it's on the website with fraud or whether it's internal security operations. I think those are things that are going to be very key. And having data is going to be at the root of all of it.
Heathfield: We've been talking about KYC and how do you identify that the person is who they say they are. One of the things I also wanted to get into was agents, right? And everybody's talking about agentic AI, and that's the coolest thing in 2025. How do you think CISOs and firms should be thinking about the whole explosion of agentic AI and managing identity from that perspective?
Bourzikas: Yeah, I think this is a big one, right? I think what you're seeing in the tech space is everybody wants an agent. And I kind of go back to the mid-2000s, where there was a security agent for everything, and it started to cause problems. More [around] performance, right? I've probably been in two financial firms that had over 25 agents, because we had to have an agent, and then there was this agent consolidation. I think we're back into that, but I think the risks are more. So we're going to put more agents on things, and there's a much more advanced type of capability. I want to put an agent on the box that could pull telemetry, or it could pull logs, or it could pull [something else]. We security people want to do this. And the marketing people might want to put an agent to understand X or sales may want to look at productivity and HR may want to look at this. And now you're going to have 10 or 20 or 30 agents all competing for resources.
And we all know that with a lot of these small startup organizations, early in development, there's going to be security holes. They'll pin certificates, they won't set up the authentication right, there'll be open API holes. And I think we're going to see many more endpoints compromised because the authentication wasn't set up. I think the second thing, and we're seeing it prominently around data localization or what a lot of people call data sovereignty, now we have this data problem. One of the things I think is very interesting is that the location of where we process things in the future is going to be very powerful, right? Like, ‘do we need to deploy this on an endpoint? Do we need to deploy this in-country? Do we need to deploy this in one of the big hyperscaler data centers?’ … If I'm in France and I have employees in France, I need to have capabilities to capture that data in France. The same as a German employee in Germany, right, or US [employee] in the US. And we're seeing these regulations. We've had this pivot of everything goes in these big hyperscalers, but hyperscalers can't operate in all of the countries in the world. How do we actually drive that in the future? Where should things be more applicable? Because you're going to have this data problem. So I think you really have probably the two hardest things in cyber: a data problem and access.
With agentic AI, what are we going to do in the future regarding access and access to endpoints, because we've been trying to take access away from people for years, admin privileges, and now we want to deploy this agent with admin privileges. And I think that's going to be a problem that we're going to have to get ahead of. I think the hard part is that we can all handle that, but the business wants us to do this, [because] everybody else is doing this. So how do we do this securely and how do we do this well?
This is something nobody's done. I think this is something we think about – how do we control data – because we're seeing this global component, and many of the large countries already have this data localization; people have to keep the data in the country. And I think it's a good thing to have, but it makes doing centralized operations very difficult.
Heathfield: Do you think that firms are going to have to basically weigh a bunch of whatever their own concerns are and then kind of act alone?
Bourzikas: One thing I do think, which is good in the banking sector, is the lines of defense. There will be enough risk conversations around first line in the control office and second line, depending on where they are in an audit. I think you're going to have a lot of scrutiny on what this looks like. I think that is good.
But I also think there are some simple things that we should be thinking about. One that we do – everybody in our company has access to an LLM. It's an inference-only model. So there's no training and we still have guidelines of what we do, but we've enabled it across the organization. I think that's something that others can do to take all the concerns out – ‘I can't use X chatbot because it's going to take the data or it's going to train on the data.’ Well, don’t let it, right? There are capabilities to do that in the models. ‘Well, what about all the other models?’ Well, Cloudflare has technology that can redirect to the model or stop other models. [So if you say] ‘we only want to use Gemini or we only want to use ChatGPT, we only want to use Anthropic,’ anything else we see, we can pull it back in. When you think about it, that is a very easy win for organizations: to get the controls in place. Now you want to make sure the regulators know what you're doing, and make sure that second line and third line understand this, make sure that that's how they build the architecture out.
I think around data localization, data sovereignty, you're going to have to have somebody that operates in countries. These have to be more conscious decisions than drift ones, because we always see these problems of where it is. People on this call and within the industry, they're very smart people that are doing some crazy things. I think just giving them some of these ideas to think about, like ‘how are we going to handle data localization and data sovereignty? How are we going to think about agentic AI? Should we put this in a startup that's been in existence for a year, it’s got 15 people, and we're going to deploy it on 250,000 agents?’ Probably not a good idea. And so I think that some of these things [are what we should think about] as we think about this – what is the direction, how are we doing this? Because the other big risk we see is this supply chain risk. I talked to CISOs that are worried about supply chain and now we're putting an agent [from] this little startup company that might have a CISO or a field CISO, but they're not going to have what the big banks or the small banks have from a resource capability scrutiny.
And so we really have to think about those kinds of components of who we're working with, how are we going to manage access to these agents, and what are they running, and then where's our data going? From a financial sector [perspective], that's very positive. Then I would wrap how we think about intelligence around it. How do we use this data to our advantage? And I even think that the security technologies will change over the next three to five years. They're already starting to change with how we do things with this agentic AI, this kind of data localization component, and then hyperscalers.
I think that'll be a very interesting thing as we see where it goes, and making sure you have the right vendors in place and the partners in place to be able to get you there in 5 or 10 years, where you're not caught up in kind of a legacy world. That is going to be very important.
Heathfield: How can you be proactive when you have to react to such rapid change all the time?
Bourzikas: I think for us technology people, this is the fun part. We get to see the evolution of this, right? We're seeing these IDE LLMs [an LLM built into an Integrated Development Environment to provide intelligent code completion and context awareness] that are changing how we do development. I think it's such a cool thing for some people; it’s a way to enable.
Now, it creates security risks. We've been doing some testing and I've seen some customers already program things, and they'll find the security vulnerability. And they say, ‘well, that looks like a security bug, a security problem, can you fix it?’ and they’ll fix it.
But when we think about things like this, think about what is going to be core. If I go back, even in my career, what are the things that are problematic – it's access and data. There are going to be regulations, they're going to change. We already know countries want to keep the data in their countries. We already know access is a problem, and we need to tighten it down. We already know data and how we restructure that, how we use threat intelligence. These are things every CISO and every security practitioner are doing. It just comes down to, are we thinking about these things as the most important thing in our strategy, or are we thinking, ‘hey, I need to do X?’
One of the things I always say is, how do we think about security modernization? There's always IT transformation and IT modernization. But we have to think about business problems. We haven't talked about technology a whole lot here. We talked about the surrounding components. But I can't do that if I have 50 or 60 vendors that I'm operating right now. Maybe if you're a large, large bank and you have thousands of people and a billion-dollar budget. But even when I had that, it was still hard, right? Because the bigger banks still have bigger problems, and they're widespread in hundreds of thousands of employees and millions and millions and millions of customers.
So how do we think about what is important that we should be focusing on? I think modernization, using the right vendors, making sure that we're enabling the business, is going to be a core component. And I think what stands in that is, ‘are the vendors that I'm using going to get me there [where we need to be in] five years?’ Think about ‘how do I simplify my network? How do I simplify my employee access models? How do I deploy AI on the edge in a country?’
Those are things that people should be thinking about because these solutions that do one thing, especially in this modernization of where AI is going, you need a vendor that can help. Not just one vendor. You need five.
Heathfield: Yeah, you need resilience, obviously.
Bourzikas: Yeah, you need to be resilient and go through things. And right, resilience is one of the biggest factors. It’s ‘how do I make sure I have that in place so that I can execute.’ We see that a lot – ‘I need another vendor’ – so you can start to actually shift traffic or have capabilities with this.
But it's going to be an interesting world ... when I finished my master's three years ago, none of this stuff really existed. And it was wise to go through it, but I wish I could go back and do it now and use one of these IDEs to help write code. Because I would get stuck in code problems for hours where now I could just type it in and it would tell me what to do.
Heathfield: One of the things that stuck out to me through this is, we still have to keep a laser focus on these basics around all of this stuff. The technology is going to change, which it always has, but access, data, intel, managing vendors, resilience, these are still the basics, and they're going to remain the basics no matter what. It's just the complexity of it feels like it's just going to keep expanding and exploding. It’s going to be more complex, and the latest technologies and all of that, but the fundamental issues and the fundamental principles of what it means to be a CISO and protect the trust in your firm don't really change. Would you say that's true?
Bourzikas: I would agree. I think some of these core principles haven't changed in 30 years. They just iterate faster. So Moore's law is faster or maybe it's Elizabeth's law now, right? We've had access problems for years. That's where 99% of all the breaches originate. We have data problems. We just have to think about it in a modern world, where we need to use that data or that intelligence. We need to be more resilient, right? We need to make sure our supply chain is protected, those are things we've all worried about. It's just a different angle on how CISOs and practitioners think about this. It's probably more important now that you can enable the firm to be able to move quick, because you're going to need to do that. How do you become more nimble? How do you not have 40 processes to roll something to the cloud? What does that look like?
The banks aren't going to be taking major risks. But you need to understand where the world is going, what the internet's doing, what's that consumption model driving? Because then maybe my vendor portfolio looks different. Maybe the people I hire look different – maybe I need to hire X. Those are many things that we have with my peer group. The things I hear [are about] are cost, complexity, and people. Those are the three things: my environment is too complex, my cost keeps going through the roof, and I need to find ways to have more people in the organization.
And AI may fix the people thing, right? Complexity, we need to drive. Reducing complexity lowers cost. As we think about these things, it'll be a very interesting thing because it's just the next iteration of where we're going. It's just faster than it was two years ago. It’s faster than it was five years ago. Even attackers – they would do something, and we would defend; they would attack, and we would defend. It might have taken 180 days, or you know, the old Verizon reports were 300 days. Now that may be happening in hours, if not minutes. As we think about this, that's where our heads need to be. And then, how do we help our business grow and be successful? How do we enable them?
Heathfield: Okay, well, that was a lot. Great conversation. Thanks. Looking forward to hearing more from you and working with you guys more as part of our Critical Providers Program. And any last words you want to say?
Bourzikas: That was great. If I can ever help anybody, please reach out. Happy to do it. Happy to be coming back into the financial sector, it's wonderful to see everyone. So thanks for having us on today and I really enjoyed the conversation.
FinCyber Today is a podcast from FS-ISAC that covers the latest developments in cybersecurity, contemporary risks, financial sector resilience, and threat intelligence.
Our host Elizabeth Heathfield leads wide-ranging discussions with cybersecurity leaders and experts around the world who bring practical ideas on how to confront cyber challenges in the financial sector, improve incident response protocols, and build operational resilience.
Amid the clutter and noise, FS-ISAC Insights is your go-to destination for clarity and perspectives on the future of finance, data, and cybersecurity from C-level executives worldwide.
© 2026 FS-ISAC, Inc. All rights reserved.
As a key executive and the Chief Security Officer (CSO) at Cloudflare, Grant Bourzikas is a pivotal leader in the company's mission to build a better and more secure Internet. He is responsible for protecting Cloudflare's network, which spans approximately 20% of the web, from sophisticated global adversaries. Grant fosters a culture of security that drives innovation across the company's products and services. Under his leadership, his teams—including the elite Cloudforce One threat intelligence group—mitigate over 250 billion cyberattacks daily. With over 25 years of cybersecurity leadership experience, Grant has a distinguished career forged in the world's most demanding environments. His expertise is particularly deep in the financial services industry, where he served as the Global Chief Information Security Officer at HSBC, one of the world's largest banking and financial services organizations. Most notably, as the CSO for Silicon Valley Bank, he skillfully navigated the intense security challenges during the bank's 2023 crisis and acquisition, proving his exceptional ability to lead under extreme pressure. His comprehensive understanding of diverse global threats is further enriched by his experience at companies like McAfee, the critical infrastructure provider Ameren, financial firm Scottrade, and Argosy Gaming. Grant has a Master's in Data Science and Artificial Intelligence from Southern Methodist University (SMU) and a Bachelor's in Accounting from the University of Missouri - St. Louis. He is also a Certified Public Accountant (CPA) and a Certified Information Systems Security Professional (CISSP).
Elizabeth is a storyteller at the intersection of technology and money. Layer in geopolitics and the criminal underworld and you get today's issues in cybersecurity for the global financial system. Crypto. Web 3.0. Quantum. AI. Ransomware. Privacy. Regulation. Zero-days. Supply chain attacks. Developing new and diverse talent. How to protect the future of money. These are the topics Elizabeth asks top executives and experts in the field about on FinCyber Today.
© Copyright 1999 - 2026 FS-ISAC, Inc. All Rights Reserved.