This Week in NET

In this episode of This Week in NET, host João Tomé is joined by Chema Alonso, Vice President and Head of International Development at Cloudflare.

Chema shares how a 1998 paper on SQL injection launched his career in hacking, his path from running a startup in Madrid to becoming a Microsoft MVP for 14 years, and how he ended up leading cybersecurity at Telefónica for more than a decade — after telling them “you don’t have enough money to make me work for you.” He also explains why he left Telefónica in 2025 to join Cloudflare, and what surprised him about the company’s technical depth.

The conversation explores how AI is changing cybersecurity, from AI agents competing in Capture-the-Flag contests to automated attack chains running around the clock. Chema also discusses the black market for zero-day vulnerabilities, Cloudflare’s role in Europe, and how AI may reshape the economics of the Internet.

We also hear the story behind his famous beanie hat, a Bluetooth exploit that Apple initially called “a feature” until Steve Wozniak got involved and a quick-fire round covering his first computer, favorite hacks, admired researchers, and why Gemini once hallucinated that he went to jail.

⏱️ Timestamps 
01:00 — How SQL injection in 1998 started his career
02:36 — From startup to Microsoft MVP to training Spain's cyber forces
04:36 — Black Hat, Def Con, and the global hacking scene
05:53 — How Telefonica recruited Chema
08:49 — 20 years of daily blogging as "brain gym"
10:27 — The beanie hat origin story
14:34 — Why he left Telefonica to join Cloudflare
17:41 — What customers are most worried about: AI security
22:55 — Cloudflare's role in Europe: sovereignty, resilience, and growth
26:58 — How AI is disrupting the Internet's business model
28:44 — The evolution of hacking: from phreaking to AI agents
37:42 — The Dirty Tooth iPhone Bluetooth exploit and Steve Wozniak
41:39 — Quick-fire round: first computer, favorite hack, Kevin Mitnick
43:58 — Google Gemini hallucinated that Chema went to jail
46:49 — The future of the Internet and Cloudflare

In this episode of This Week in NET, Heather Orsi, Director of Strategic Finance & Investor Relations at Cloudflare, shares her unusual career path across finance, startups, and tech, and what it means to communicate Cloudflare’s story to investors and analysts.

Heather talks about her first days at Cloudflare just after the IPO, what it takes to explain a highly technical company to Wall Street, and how finance, strategy, and storytelling come together in investor relations.

This conversation is part of the Women of Cloudflare series for Women’s Empowerment Month.

Check the Cloudflare Blog:
https://blog.cloudflare.com

🎧 Subscribe for weekly conversations about the Internet and Cloudflare:
https://ThisWeekinNET.com

⸻

⏱️ Timestamps
00:38 — From banking and startups to Cloudflare
02:21 — Joining Cloudflare right after the IPO
04:16 — Explaining a deeply technical company to investors
06:31 — Communicating Cloudflare’s story to analysts
08:51 — The role of investor relations inside a tech company
11:16 — Being a woman in finance and tech
13:11 — Advice for people starting a career in finance

In this episode of This Week in NET, host João Tomé is joined by Cloudflare’s new Chief Marketing Officer, Jeff Samuels, to explore how marketing is evolving in the age of AI.

We discuss why brand still wins, how marketers are becoming “context engineers,” and how Cloudflare connects deep technical products to clear narratives that resonate with customers.

We also touch on the role of real-world events like RSA Conference, where Cloudflare will be present, and why in-person moments still matter in an increasingly AI-driven, digital-first world.

⏱️ Timestamps
01:44 — News roundup (AI, policy, product updates)
03:25 — Meet Jeff Samuels (Cloudflare CMO)
04:07 — Background: startups, policy, global experience
06:46 — From product to marketing mindset
08:25 — Lessons from OpenDNS and Cisco
11:47 — Marketing in tech: empathy and understanding systems
13:27 — Lifecycle marketing and customer connection
15:05 — Why Cloudflare (people, mission, opportunity)
16:49 — Marketing as the “architect” of go-to-market
18:38 — Brand vs demand
20:48 — Events like RSA and why they still matter
27:02 — AI and the shift to orchestration
31:39 — What’s next for Cloudflare marketing
34:02 — Quick fire: skills, mistakes, brand vs performance
36:49 — Advice for marketers entering tech
37:27 — One word for Cloudflare: opportunity

In this Women at Cloudflare segment for Women’s Empowerment Month, Sofia Cardita, Systems Engineer at Cloudflare, shares her journey from clinical psychology to engineering.

Sofia explains how she transitioned into tech through self-learning and hands-on building, and how AI is changing the way engineers work today. She also reflects on observability, teamwork, and finding balance as an engineer.

⏱️ Timestamps
00:12 — Sofia Cardita: background and role at Cloudflare  
00:49 — From psychology to engineering
02:02 — Self-learning and building from scratch
03:03 — What she enjoys about engineering (proudest projects)
04:18 — Observability and understanding systems
04:59 — Advice for getting started
05:07 — AI as a learning tool
05:55 — Going deeper despite AI
06:10 — Using AI in daily workflows
07:02 — Productivity: rest, focus, and balance

In this episode of This Week in NET, host João Tomé is joined by Warnessa Weaver (Senior Product Manager) and Yumna Moazzam (Senior Product Marketing Manager) to break down Cloudflare’s SASE blog takeover week and what it means for enterprise security.

Cloudflare One is evolving into an agile, composable, and programmable SASE platform, built natively on Cloudflare’s global network spanning 300+ cities. The conversation explores how organizations can modernize remote access, secure AI adoption, and replace legacy architectures that often take 18 months to deploy with migrations completed in 4–6 weeks.

The episode covers:
• Post-quantum encryption now in GA for Cloudflare One
• Deepfake defense through a new Nametag partnership
• Adaptive access with user risk scoring and signals from CrowdStrike and SentinelOne
• Programmable gateway policies using Cloudflare Workers
• DLP visibility for Microsoft 365 Copilot, ChatGPT, Gemini and more
• Clipboard controls for browser-based RDP sessions
• Closing the boot-to-login security gap with the Cloudflare One client
• CASB remediation for Microsoft 365 and Google Workspace

The episode also includes a run-through of other recent Cloudflare blog posts, including AI Security for Apps (now GA), slashing agent token costs by 98% with RFC 9457, Nvidia Nemotron 3 Super on Cloudflare, and a new stateful API vulnerability scanner.

Check the Cloudflare Blog:
https://blog.cloudflare.com/tag/sase

⏱️ Timestamps
00:37 — Blog run-through: AI Security for Apps, RFC 9457 agent errors, API vulnerability scanner
02:17 — Nvidia Nemotron 3 Super on Cloudflare
03:29 — What is agile SASE and Cloudflare One?
05:44 — Composability and programmability explained
07:53 — Built on Cloudflare’s global network vs legacy vendors
09:07 — The truly programmable SASE platform
10:04 — Custom gateway policies with Cloudflare Workers
12:16 — Post-quantum encryption in Cloudflare One
13:14 — Harvest now, decrypt later
14:34 — Boot-to-login security with the Cloudflare One client
17:35 — Independent MFA in Cloudflare Access
19:13 — Deepfake defense and Nametag partnership
22:15 — User risk scoring and adaptive access
25:26 — Data security: DLP, CASB, and browser-based RDP
27:21 — Microsoft 365 Copilot visibility
29:05 — Partner stories: TachTech and Adapture
33:09 — Zero Trust onboarding with Terraform
35:25 — Key takeaways