BBVA has today announced that it will be the first bank in Europe to deploy Google Cloud’s security analytics platform Chronicle and will use AI and machine learning to predict and prevent cyberattacks.
In conversation with Álvaro Garrido, chief security officer at BBVA, Finextra learns that the bank will collaborate with Google Cloud to adopt more advanced technology by placing it in a more cost-effective environment, with greater scalability.
Garrido explains that after three years of investing heavily in security and working towards becoming a data-driven bank, now is a good time for BBVA to fully reap the benefits of advanced analytics.
“We are getting to the point where we need to monitor more, detect better and react faster. I think these are the three components of not only BBVA’s security agenda, but what allows cooperation in the financial industry,” Garrido says.
Mentioning Google Cloud’s Network Telemetry and the ability to identify access patterns that may pose security or operational risks in real-time across a number of devices, he adds that the bank will be able to prevent threats “across the security chain - from the traditional computer space or in the IoT. It's the number of devices, [as well as] the granularity and the level of depth of what we monitor.”
Alongside this, with the understanding that Google Cloud will support the seamless method of analysing and querying a large amount of data, Garrido believes that Chronicle will provide a “much more reliable way to detect anomalies in the patterns.”
To avoid overkill and circumvent generating a high number of false positives, or false negatives, Chronicle will aid the detection and correlation of events so that BBVA can ensure automated security in a customer-centric manner, according to the CSO.
“Our intention is to automate a lot of the output so we can retrofit that into our systems and employ response at all levels,” Garrido states. “The platform surprised us in its ability to quickly and accurately mitigate possible threats.”
Elucidating on this, Garrido explains that in addition to the output, the amount of preparatory work involved in “proper advanced analytics” such as “pre-cleansing the data, tagging the data and labelling the data” was surprising. This will now be conducted using Google Elasticsearch, moving attention away from satellite activities.
“Let us be absolutely realistic. Storing huge amounts of data is complex and expensive. At the end of the day, in a way you are limiting the amount of data you want to retain. With Chronicle, that restriction is no longer there.
“The restriction on the amount of data is not about the capacity or the amount of infrastructure, or even the cost per point, it is about having logical sense around what you retain, always combined with the different regulations which need to be taken into consideration.”
This is crucial for the interoperability of data, future use of the cloud and federated integration with other large cloud providers and software-as-a-service vendors. “It’s about choice and making sure that whatever choice we make is future proof, is based on open standards and is interoperable.
“The security space has been fragmented for the last few years, and I think having a narrower selection of good vendors is important.”
Derek White, VP global financial services industry, Google Cloud adds: “The Chronicle platform was built to help companies like BBVA improve its security infrastructure, leveraging the speed and scalability of Google Cloud’s technology. This collaboration will solidify Chronicle as one of the key pillars of BBVA’s security infrastructure and will support its strategy in offering its customers a trusted approach to products and services.”
BBVA has worked with Google Cloud to digitally transform operations since 2011, namely using Google Workspace, to promote an agile way of working among its employees and allowing global collaboration, without putting the information at risk.
To this end, it was announced in August 2020 that Campus BBVA has trained approximately 2,000 employees using courses, conferences, and discussion groups focused on digitisation and tele-working as strategic capabilities that promise to be fundamental during the near future.
Before the pandemic, BBVA had already offered its staff a comprehensive digital training catalogue via the Campus BBVA platform and has since been refreshed to adapt to employee needs during Covid-19 lockdowns. The bank also held ‘Cybertraining Week’, a week to reinforce cybersecurity training content accessed by close to 2,000 employees,
Joining Garrido, Ricardo Forcano, BBVA global head of engineering and organisation, was on hand for the opening ceremony. Well-received activities of the week included solving a set of technical security tests in the Amazon Web Services (AWS) platform.
At the end of 2020, BBVA moved its market data distribution network to Amazon Web Services, providing an at-scale platform for the equity markets area of its Corporate & Investment Banking unit, now capable of handling vast volumes of data.
‘BBVA C-Fit’ combines technologies such as Amazon Elastic Kubernetes Service and Amazon Managed Streaming for Apache Kafka with Bloomberg’s B-Pipe, to render real-time direct access to market data over the cloud.
The new platform hosts all the processes of the equity desks related to the marking and management of market data used to set prices or manage book risk, and may also be used for mass pricing of products for their distribution through electronic channels.
In 2018, Google parent Alphabet formed Chronicle, a company focused on enterprise security, machine learning, data analysis and detecting cyber threats. Less than a year and a half later, Google Cloud 'acquired' Chronicle.