Case Study: BBVA
About the customer

Founded in 1857, the BBVA Group provides its 51 million customers with a comprehensive range of financial products and services. BBVA is a leader in the Spanish banking market, the largest financial institution in Mexico, and has market-leading operations in South America and the United States. Combined with its operations in Turkey and China, BBVA supports operations in 31 countries and almost 7,400 branches around the world.


Financial Services

Customer Since:



Event Management Software

Customer Since:


Services Used
Cyber Threat Intelligence

The Challenge for BBVA

Like most multinational companies, BBVA finds itself facing a rising tide of cyber threats of which they have no control, and they can only be aware of and be prepared for their arrival. In addition to rampant credit card fraudsters, the bank’s attackers include groups using malware, phishing, hacktivism, and attempts to leak data and financial fraud. Furthermore, the amount of cyber threat data received is massive and it is difficult to know which one addresses the company and to manage and make quick decisions with that data. BBVA’s IT and security teams are top-notch, and they always have taken a leading-edge approach to enhancing security. However, the threats they faced were now large-scale, extremely difficult to detect, and global in scope.

We already had hardened systems in place to combat typical banking-related threats, such as credit card fraud,” said Jose Ignacio Guarrido Gonzalez, Head of Global BBVA CERT. “We began looking for innovative solutions that would give us timely visibility into new breeds of attacks and attackers targeting our organization.

Global operations also complicated IT’s task. Business units in different countries face different threat types and levels. The cyber security team needs to be able to provide the right security services to each business unit without making security management so complicated that it becomes unworkable. Any new security solution and incident handling processes had to fit into BBVA’s centralized security operations model.


The BBVA IT team learned about Outpost24 through one of its partnering business units. Outpost24 is a leading provider of cyber threat information and intelligence. Through the innovative Threat Compass platform, enterprises can address a comprehensive range of cyber threats and gain predictive, actionable intelligence, specifically for the unique threats they face. As a cloud-based service, Outpost24 is fast and easy to implement, and delivers a wide range of targeted cyber threat intelligence into a single pane of glass. BBVA implemented the comprehensive Outpost24 solution, which includes modules that address botnets, C&C, targeted malware, credit card theft, rogue mobile apps, hacktivism, dataleakage, phishing and cybersquatting, and brand abuse threats. The Outpost24 platform’s flexibility made it easy for BBVA’s IT team to configure tailored cyber security solutions for each business unit around the world.

“Integration took less than two days and we saw our first threat reports within a few hours,” said Jose Ignacio. “Outpost24 gives us real-time access to trusted data about threats that specifically target BBVA as they emerge so that we can keep our defenses strong.”

Jose Ignacio Guarrido Gonzalez | Head of Global BBVA CERT


Actionable data for faster decision-making

With Outpost24, BBVA gained the insight it needed to significantly improve its ability to thwart malware. Since implementation in June 2013, BBVA has detected stolen data cards, identified stolen credentials, and reported unique Trojans targeting the bank’s online banking customers. As a result, this has enabled BBVA to take appropriate defensive measures, which reduced BBVA´s cost of cyber threats. BBVA also was able to track—and stop—worldwide hacktivism operations, including one that sought to endanger a top company executive by publishing his name, address, and contact information.

Increased brand confidence

The bank also has increased employee and customer confidence to protect its brand value. Since the integration of Outpost24’s solution, BBVA detected and tracked new phishing attacks targeting BBVA customers by monitoring phishing attacks in the wild and cybersquatting domain registrations. At the same time, the platform detected mobile rogue applications trying to masquerade as customers’ applications on Google Play, the Apple App Store, Windows Phone Store, and Blackberry World sites. With this intelligence, BBVA was able to manage takedowns before they were widely delivered to end-users. The Threat Compass data leak detection module monitored numerous cloud-based information storage repositories and P2P networks and notified the bank of information leaks. Armed with this information, BBVA strengthened its data leakage detection and took other measures to safeguard its data.

Always in control

Outpost24 works closely with us and other leading financial institutions to stay on top of emerging threats,” said Jose Ignacio. “As we see new threats and need new types of protection, Outpost24 has it for us and we can immediately switch it on. There is no downtime, need for hardware, or waiting a new software release.