How banks work to enhance cybersecurity

“Technology is essential for BBVA”, states Álvaro Garrido, BBVA's head of Information Security and Engineering Risk during a cybersecurity seminar organized by the University of Navarra and held at BBVA’s headquarters in Madrid. “We have to complement digital business growth with the required security,” he said.

Álvaro Garrido: "We have to complement digital business growth with the required security"

Looking to the future, he stressed the importance of “security in design” and the collection and intelligent analysis of massive quantities of data as key tools to improve cybersecurity.  “BBVA is leading this area,” amid the creation of a global team of data scientists working on a shared platform. Additionally, he stressed the “holistic vision” required to understand the cyber risks within the total range of risks confronted by the bank, including physical security, the risk of fraud, operational risks, etc.

Another fundamental trend related to cybersecurity, according to Álvaro Garrido, is the importance of collaboration between the finance industry and the public sector. He also emphasized the need to educate banking sector employees about the business risks and threats related to the network. He anticipates that in the future artificial intelligence will be the technology with the most impact on the industry.

Asked what BBVA's cybersecurity will look like in five years, Álvaro Garrido mentioned the need to address the challenges introduced by technological areas such as quantum computing and artificial intelligence.

At the same roundtable, Albert Agustinsay, partner in the law firm Cuatrecasas, singled out the legal crisis that, in his opinion, we are experiencing with the numerous, co-existing regulatory measures that target different aspects of cybersecurity. For IBM’s Alon Bilorovsky, cybersecurity is a priority in an economic context where industry leaders will only be those companies that commit to a digital – especially mobile – strategy.

Along the same line, Carles Solé, head of Information Security at CaixaBank, warned that online fraud has a negative impact on the profits and reputation of financial institutions.

Security embraces cloud cover

Victor Espinosa, head of Engineering Strategy and cloud at BBVA, explained that the cloud is not just a technology but rather a “cloud economy enabler.” It is global; it eliminates barriers between industries and territories; it facilitates pay-per-use; its services are powerful, easy to use, and integrate.

However, it is not without security risks. "Risks associated with cloud adoption are basically the same as with other technologies, due to the explosion of services and data.” explained Victor Espinosa. In fact, he warns that the cloud could increase those risks if it is not managed properly.

Víctor Espinosa: "Risks associated with cloud adoption are basically the same as with other technologies, due to the explosion of services and data.”

Thus, he reiterated that the cloud adoption strategy cannot be a discrete strategy, but rather it has to be embedded in the business and technology strategy. For this, “having the right talent is key” he said. In his opinion, “cloud is a must.” Finally, the risks of not adopting this technology are much greater than those associated with using it.

Fernando J. Sánchez, director of Spain’s National Center for the Protection of Infrastructures and Cybersecurity (CNPIC) warned that “cyber risks are the flip side of the Internet.” In his opinion, it is important that businesses are aware that “the security of computer files is one of the most vulnerable points for attack.” The key to achieving a safe network involves an increased investment in cybersecurity, he stated at the close of the seminar.