Exclusive Interview: Anjali Joneja Amar on how Cloudflare is embedding AI into cybersecurity to address India’s unique threat landscape
As Indian businesses advance in their digital transformation efforts, the landscape of cyber risks is also changing rapidly. This evolution is driven by AI-powered threats, expanding cloud infrastructures, and increased compliance requirements. Leading this shift is Anjali Joneja Amar, who oversees Cloudflare’s vision for India and the SAARC region. Anjali, with her background at Microsoft, Verizon, and Tableau, combines deep technical knowledge with a nuanced understanding of the market.
In this exclusive conversation with Analytics Insight, she breaks down how Cloudflare is embedding AI into its global connectivity cloud to offer edge-first, Zero Trust security—from stopping credential stuffing on UPI APIs to neutralizing phishing threats with AI-native email defenses. She also addresses common misconceptions about edge security, shares threat intelligence findings from Indian enterprises, and offers powerful advice for women looking to lead in deep-tech domains.
With AI rapidly becoming both a defense and a threat vector, how is Cloudflare embedding AI into its security stack to anticipate and neutralize evolving cyber risks in real time?
At Cloudflare, we view AI as a strategic advantage in security, not just a tool. As attackers use AI to evolve faster, we respond with Defensive AI —our approach to embedding intelligent systems that learn from attack patterns across our vast network. This enables us to detect and block threats before they're known, from API abuse to phishing. AI helps us create tailored, real-time protection across email, applications, and our Zero Trust platform. The goal isn’t just faster detection—it’s smarter defense. By combining scale with intelligence, we’re helping customers stay ahead of threats and turn security into a business enabler.
What differentiates Cloudflare’s approach to zero trust and AI-enhanced DDoS mitigation in a market crowded with security point solutions?
What sets Cloudflare apart is our connectivity cloud—a unified global platform running all services at the edge. It hides customer origins, absorbs DDoS attacks locally across 335+ cities in over 125 countries, and protects across layers 3, 4, and 7 without rerouting to distant scrubbing centers. This same platform powers our Zero Trust approach, securing users, devices, and data with precise access controls. AI enhances this by detecting anomalies in real time, helping teams identify risks faster and act decisively. Unlike fragmented point solutions, Cloudflare delivers integrated, intelligent protection—built for performance, scale, and security from the edge inwards.
Can you share insights into any specific cybersecurity solutions or approaches that have been particularly successful in addressing the challenges faced by your Indian clients?
Organizations in India face unique cyber challenges—frequent DDoS attacks, API abuse, phishing scams, and rising compliance pressures. Cloudflare’s solutions have been especially effective in addressing these:
Automated DDoS Protection: Handles multi-terabit attacks via a 335-city Anycast network; AI mitigates zero-day exploits like HTTP/2 Rapid Reset.
API Shield: Secures UPI/SaaS traffic through schema validation and anomaly detection, blocking threats like credential stuffing.
Email Security (Area 1): Stops AI-generated phishing and CEO fraud, removes ransomware payloads pre-delivery.
These solutions can help Indian businesses stay resilient while meeting compliance, as well as scaling securely in a cloud-first world.
Given the rapid adoption of cloud services by Indian businesses, what are the key security considerations they should be prioritizing?
As Indian businesses accelerate cloud adoption, security must be embedded into every layer of digital transformation. With AI, edge computing, and cloud-native architectures gaining ground, organizations have an opportunity to shift from reactive defenses to proactive, scalable security. But with that comes a broader attack surface to remote users, connected devices, and cross-border data flows. The focus must be on real-time threat intelligence, adaptive access control, and security frameworks that evolve with innovation. Ultimately, cybersecurity in India will thrive on shared responsibility where tech providers and enterprises collaborate, and teams are empowered with both the tools and mindset to secure what’s next.
What are some of the unique cybersecurity challenges Cloudflare is observing among Indian enterprise organizations today?
Cloudflare’s Navigating the New Security Landscape: Asia Pacific Cybersecurity Readiness Survey reveals that Indian enterprises face significant cybersecurity challenges. Key findings include:
Rising Data Breaches: 55% of organizations reported breaches, with 82% noting an increased frequency. Medium-sized businesses (57%) and sectors like healthcare (69%) are the most affected.
Top Attack Vectors: Web attacks (68%), malware (53%), and supply chain breaches (38%) are leading causes. Customer data (37%) and user credentials (15%) are prime targets.
AI Threats: 93% of respondents are concerned about AI’s role in increasing attack sophistication.
Talent Gaps: 49% struggle with cybersecurity staffing, and 64% face slow detection and response times.
In an ecosystem that’s shifting from cloud adoption to cloud maturity, what are the most common misconceptions enterprises still have about edge security or application-layer resilience?
As Indian enterprises transition from basic cloud adoption to cloud maturity, many still operate under oversimplified assumptions about edge security and application-layer resilience. Here are the most persistent misconceptions—and why they’re dangerous in India’s threat landscape:
Many Indian businesses treat edge networks (like Cloudflare) as mere performance accelerators, ignoring their security potential. Why it’s risky in India:
Edge is just for performance: Many overlook its security potential, especially critical in India’s high-risk threat landscape.
Legacy thinking prevails: Security is still seen as speed or perimeter-based, while modern threats demand integrated, edge-first defense.
Zero Trust is only for big companies: In reality, mid-sized firms are equally targeted—especially at the app layer.
Public cloud = secure by default: Misplaced trust ignores risks from bots, fraud, and app-level exploits.
How is Cloudflare supporting enterprises in India as they deal with growing security needs?
Cloudflare is actively supporting Indian enterprises as they navigate increasing security demands with edge-delivered, AI-powered solutions that scale efficiently. Its unified connectivity cloud delivers stronger security, better performance, and faster time-to-value for digital investments.
A few of the use cases are:
API Shield: Blocks credential-stuffing attacks on UPI handles by enforcing strict schema validation and rate limiting. A leading fintech in India protected its UPI APIs against automated abuse using API Shield.
Edge-Cached WAF: The Cloudflare WAF uses threat intelligence and machine learning powered by platform intelligence from the Cloudflare connectivity cloud to stop the newest threats, including zero-days. A Japanese internet service provider leveraged Cloudflare WAF to mitigate sophisticated web attacks in real time.
Zero Trust (SASE): Cloudflare Access provides simple, secure user access to organizations’ internal resources, without a VPN. Provide a first-class experience for third-party collaborators with fast, safe access to applications and extend Zero Trust controls to sensitive infrastructure resources without disrupting developer workflows. An Indian financial services firm replaced its VPN with Cloudflare Access to enable Zero Trust-based internal access.
You often mentor emerging women leaders in tech—what core capabilities do you believe women must cultivate today to lead in deep-tech domains like AI, cybersecurity, and cloud infrastructure, beyond soft skills and representation metrics?
For women aiming to lead in deep-tech domains like AI, cybersecurity, or cloud, I always say—don’t just be at the table, learn to speak the language of the room. Start with technical curiosity. You don’t need to code, but you must understand how the technology works and why it matters. Build a product mindset—see where the world is going, and solve problems before others do. And most importantly, cultivate influence. Speak to boards about value, risk, and transformation. These are learned capabilities, not innate ones. Once you develop them, you don’t just lead—you shape the future of tech.
What changes do you expect to see in the cybersecurity space as cyber threats become more advanced?
As cyber threats grow more sophisticated—with AI-driven attacks, targeted phishing, and expanding digital footprints—cybersecurity is evolving from a reactive posture to a proactive, intelligent, and cloud-first model. Real-time threat detection, automation, and adaptable strategies will become non-negotiable. Crucially, cybersecurity must shift from being seen as an IT concern to a core business priority. At Cloudflare, we support this evolution through solutions like Cloudflare One, which secures users, apps, and data anywhere, and AI Gateway, which brings visibility and control to AI usage. In the digital age, resilience means being secure, agile, and transparent—all at once.
Looking ahead, what are the biggest cybersecurity opportunities and challenges you foresee for the Indian market?
India’s rapid digital acceleration presents a major cybersecurity opportunity, transforming security from a backend function into a pillar of digital trust. As cloud-first ecosystems grow, there’s a chance to build scalable, resilient security that powers innovation. But the challenges are real: an expanding attack surface, uneven security maturity, and the need for accessible, high-impact solutions—especially for small and mid-sized enterprises. At Cloudflare, we address this through Zero Trust Services and Cloudflare One, offering simplified, high-performance protection for users, devices, and apps. India’s cybersecurity future will be shaped by collaboration between industry, government, and innovators to ensure security evolves as fast as transformation.