GARTNER,ISF CORPORATE INTELLIGENCE AND ATHINA

Corporate Intelligence:
How big data help us
to reduce risk

ISF CONGRESS PARIS 2013
2013

Corporate Intelligence: How big data help us to reduce risk

Main highlights in the creation of the BFA-Bankia Group
7 local savings banks signed

Since 1 January 2011 Bankia S.A. belongs to the

an integration agreement to

Banco Financiero y de Ahorros Group and is, in

establish a Contractual Group

turn, the parent company of its own financial

organised

Sistema

group (The Bankia Group). Bankia S.A. began

Institucional de Protección (an

trading on the Spanish stock market on 20 July

Institutional Protection Scheme

2011.

as

a

or IPS) under Spanish law

30 July 2010

03 December 2010

01 January 2011

The Central Body of the IPS was incorporated under the name

Banco Financiero y de Ahorros, S.A. (BFA), as the controlling

09 May 2012

The Board of Directors of Bankia
unanimously agreed to name José

entity of such IPS and parent company of the Banco Financiero y

Ignacio Goirigolzarri as Executive

de Ahorros Group into which the seven local savings banks

Chairman of the bank, which marks

(Cajas) and the rest of the subsidiary entities were integrated.

a new stage for the company.

2 de 22 / ISF CONGRESS PARIS 2013


Main strengths of the BFA-Bankia Group



Extensive multi-channel network in Spain



Diversified customer base



Business model oriented to customer service and
satisfaction and return on management



Key operating data
MAIN INDICATORS - BANKIA
 Broad customer base
 More than 7 million customers, with a very close customer relationship
 More than 260,000 SMEs and more than 290,000 independent contractors

 High market share
 ~10% share of deposits in the Spanish market
 4th largest bank in Spain
 Bankia Retail Network made up of 2,534 branches as of 31.05.2013

 Strong presence in original home territories
 Benchmark institution in its natural constituencies, with market shares above 15%

 Organisational strengths
 Integration capacity
 Powerful management information systems for enhanced efficiency and closeness to customers
 Smaller, more professional board of directors
 Streamlined Management Committee and representation in investee companies
Sources: BdE, Bankia . Data as of March 2013



1. Our environment
 Change in risk management scene

 Continuous need for new security measures
 New threats
 Change in real time

 Global view of the organization’s security
 More departments involved
 Enormous amounts of information security to be managed
 Compliance, public image, brand, legal, operational risk, security, etc.
 Intelligence sources, Government rules, etc



2. Problems we found (I)

 Reduced budget, investments must be carefully selected.
 Big data to be analyzed with reduced resources
 Need of impact simulations («What if» risk analysis)
 Minimum reaction times needed



2. Problems we found (II)
 Communication problems with the upper management and the
different areas of the organization
 Managers don’t have information to make decisions
 Decisions are made based on opinions, not in facts
 Heavy workloads to maintain ISMS (ISO27001)
and ITSMS (ISO20000), colleagues are bored of
security measures



3. What I felt day by day



4. How can I solve these present and future problems?
 Option 1: Spending one million euros in security hardware and
software




software

 Option 2: Spending one million euros in consultancy




software


 Option 3: Developing my own security methodology and adapting
it to all my problems



5. Keys of the methodology
 New internal function at service of the organization
 Control and management framework

I feel the power of the Force

 Increases decision-making capacity
by organization’s upper management

 Improves information analysis
 Technological, economic, legal,
security, image, etc

 Develops the assessment of threats and

impacts, giving a global control and security
measures application proposal
•

Work together with other security standards (ISO, CobiT, NIST, ENS, etc)



6. How it works? (I)
 Combines and analyzes multiple sources of information to obtain

an accurate image of organization’s situation
 Provides management team with all information needed to make
decisions based on existing risks
 Proposes, in a systematic and
automatic way, security measures
to protect the organization



7. How it works? (II)
 Specific dashboard with business views for each manager
 Risk Map generation per threat based on information available
 Ability to make security actuarial calculations based on historic
information of the organization
 «What if» risk analysis
 Impact simulations
 Automatic calculation and presentation
of controls and security measures
 Decision support tool for managers



8. ATHINA

Athina is the goddess of wisdom, courage, inspiration, civilization, law and
justice, just warfare, mathematics, strength, strategy, the arts, crafts, and skills.


9. What is ATHINA?
 A tool
 supports corporate intelligence methodology

 allows user to visualize in an easy way, all the information
supplied by the Corporate Intelligence sources through
dashboards designed for each manager

 It is a powerful way to sell information security to top level
management
 Handles and assesses all risks that affect assets

 i.e.

political

changes,

legal

environment, new regulations, etc.

environment,

economic


9. What is ATHINA?



10. Some details about Athina
 Needs assessment
 Budget, development life cycle, banking sector…Is this the right
moment?

 Evaluation of the options available in the market
 If it doesn’t exist, can the integrators help me?

 Selected option:
 Create a «Neutral tool»



10. What I have learnt during this way with Athina
 The focus is the methodology and the data’s relations
 If your idea works, make it beautiful
 One tablet can rule the world
 Show lot of information in ATHINA, it doesn’t mean better results
 Our bosses don’t have time, don’t loose time explaining all details
of the methodology



10. What I have learnt during this way with Athina



11. A picture is worth than a thousand words



12. Results of Corporate Intelligence
 We have make managerial decision-making easier through
improved information
 We have a complete view of risks affecting the organization in
real time
 We react faster to new threats

 We anticipate impact of various situations
 We have replaced “we think that” (opinion)
with “the data indicates that” (facts)
 We have reduced workload of ISMS
(ISO27001) and ITSMS (ISO20000) by 67%



13. Conclusions
 After doing a review of the environment, all the signals showed that
we had to change the way to manage security.
 The election was to develop a new security

methodology called Corporate Intelligence
that will allow to confront the current and
future threats.
 ATHINA, the tool which support it, provides management teams with
the information and the security measures they need to protect their
business and to make the proper decisions regarding risk

management.

Isabel María Gómez González
Email: igomezgo@bankia.com
http://www.linkedin.com/in/ismgomez

GARTNER,ISF CORPORATE INTELLIGENCE AND ATHINA

Recommandé

Recommandé

Contenu connexe

Similaire à GARTNER,ISF CORPORATE INTELLIGENCE AND ATHINA

Similaire à GARTNER,ISF CORPORATE INTELLIGENCE AND ATHINA (20)

Dernier

Dernier (20)

GARTNER,ISF CORPORATE INTELLIGENCE AND ATHINA