MSSP CASE STUDY

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION

Company Telefónica

Industry Telecommunication

Headquarters Madrid, Spain

Employees 126,700 Website www.telefonica.com

We wanted to go a step further and gain the ability to detect and analyze external cyber threats before they affect clients’ businesses, and we needed a way to turn that ability into a global, scalable service offering.

Nikolaos TsouroulasHead of Cybersecurity Product Management at Telefónica.

effectively.

Gain real-time visibility into a broad range of emerging threat vectors targeting clients.

Deliver an innovative service with global scalability for clients in 21 countries.

Accelerate time to market and return on investment.

Simplify integration and operation of cyber intelligence data.

Became an early provider of a solution that delivers targeted intelligence for clients on a global scale.

Doubled the number of clients for the service last year.

Enabled service activation in just hours.

Helped clients quickly reduce risks and losses from fraud, business disruption, and brand damage.

Gained new service delivery and revenue opportunities.

As a cloud-based platform, Blueliv made it easy for us to implement. With the

module, Blueliv enables us to proactively

any given client and provide actionable information to help take action. It’s the best of all worlds.

Pedro Pablo Pérez GarcíaCEO at Eleven Paths and Global Security Managing Director at Telefónica.

CHALLENGES

SOLUTION

RESULTS

Blueliv multitenant and targeted cyber threat intelligence platform.

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION 2

•

•

•

••

•

•••

•

CHALLENGE

TRANSFORMING TO A DIGITAL TELCO

Telefónica is transforming itself into a “Digital Telco” one that anticipates and leads technology innovation to help its clients bene�t from everything that technology can offer. As part of its promise to clients, the company actively identi�es and develops new revenue-generating services that solve critical business problems. As Telefónica considered the cyber security challenges facing enterprises, it began building a sizeable arsenal of assets and services to protect clients’ business information and prevent fraud.

SOLUTION

A MULTISERVICE SAAS PLATFORM

Telefónica had learned about Blueliv through mutual clients. Blueliv is a leading provider of cyber threat intelligence, analytics, and data. The Blueliv platform proactively discovers new attackers and victims every minute, with modules that address botnet, command and control (C&C), targeted malware, credit card theft, rogue mobile apps, hacktivism, data leakage, phishing and cybersquatting, and brand abuse threats. Blueliv enables Telefónica to give each client speci�c, predictive, actionable intelligence for decision making.

Telefónica implemented the cloud-based Blueliv platform in its Security CyberOperation Centre, along with other security services such as fraud management, phishing, and hacking detection. Because the platform is fast and easy to implement, Telefónica was able to see results in minutes. Monitoring is easy for the Telefónica team, because Blueliv delivers proprietary expertise and global cyber threat intelligence capabilities to a single pane of glass

In addition to offering the scalability of a cloud-based solution, Blueliv platform functionality is automated. The platform delivers 360,000 threat �ltered updates daily of actionable data to Telefónica analysts, enabling them to focus on each client without having to worry about adding equipment or scaling software. The Blueliv platform operates 24 hours a day and is available in multiple languages - perfect for the company’s global threat intelligence service offering.

OVERVIEW

One of the world’s largest telecommunications companies, Telefónica delivers best-in-class mobile, �xed, and broadband networks, together with a highly innovative portfolio of digital solutions, to meet its clients’ needs. The company is headquartered in Madrid, Spain, and manages operations in Europe, Asia, North America, and Latin and South America.

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION 3

Clients subscribe to the Telefónica offering and receive speci�c Blueliv capabilities with a layer of 24x365 services and incident response. Additionally, Telefónica uses the Blueliv API to extract and integrate data into its threat platform. This makes it easy for Telefónica to provide an adaptive threat response.

ADDING TARGETED INTELLIGENCE FOR AN ADAPTIVE AND AUTOMATED THREAT RESPONSE

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION 4

Sinkhole sensor, honeypots &

crawlers

Global threat databases

Partnerships & alliances

Customer & community

Hacktivism resources

Social network driven threats

Classi�cation & scoring

Sandbox analysis

Human intelligence

Botnet & identi�cation

Honey client direct side validation

VISUALIZATION & INTEGRATION

<<

<

<< <

DATA PROCESSING & ENRICHMENT

Correlation, categorization &

validation

TELEFONICA CYBERTHREAT SERVICESa

DATA GATHERING

Open, close & private sources

CYBER THREAT INTELLIGENCE

PLATFORMTargeted &

actionable delivery

X

RESULTS

MEETING CLIENTS’ NEEDS QUICKLY

With global threats escalating rapidly, Telefónica’s new managed security service could not come soon enough. Based on the Blueliv platform, the Telefónica CyberThreat Service was among the �rst to offer comprehensive threat intelligence on a global scale. Large enterprise and multinational clients can now receive targeted intelligence anywhere in the world. Telefónica quickly enrolled 30 well -known enterprises- including numerous Forbes Global 2000 companies.

CLIENTS GAIN EFFECTIVE, TARGETED INTELLIGENCE

Telefónica monitors and analyzes Internet threats speci�cally for each client and tracks more than 360,000 updates threats daily with Blueliv platform. The company’s cyber analysts receive real-time alerts and automated data, eliminating the need to manually correlate data from multiple sources and in multiple formats. They can then provide actionable intelligence that enables each client to defend against threats most effectively.

For example, since the service was launched, the Blueliv platform has indexed more than 85,000 stolen credentials that concerned Telefónica clients. Telefónica clients use the service’s information to ensure the authenticity of their brands on the Internet, increase client con�dence, eliminate fraudulent sales channels, detect information theft and fraudulent activity that result in economic loss, and better comply with security regulations.

FAST TIME TO REVENUE AND RETURN ON INVESTMENT

Because the Blueliv platform is offered as a cloud service, Telefónica can activate new client accounts quickly, without having to purchase, deploy, manage, support, or upgrade physical equipment. Rapid activation accelerates service revenue and return on investment for Telefónica.

SUCCESFUL ENGAGEMENT AND IMPLEMENTATION

JUNE 2013

POC, validation & offering approval.

SEPTEMBER 2013

Customization, training, deploy & service live.3 clients.

DECEMBER 2013

Integration with Telefónica Security CyberOperation Centre.6 clients.

DECEMBER 2014

Service deployed in Telefónica Regions. 21 countries.

JANUARY 2015

16 clients.

JUNE 2015

Full API access.

DECEMBER 2015

28 clients. 110,000 daily API requests.

TIMELINE

Cyber Threat Intelligence Platform (TIP)

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION 5

“”

Once we identify a client’s use case and con�gure the platform with the appropriate module, we can immediately - and effortlessly - activate monitoring. Fast activation accelerates better protection for our client and allows Telefónica to recognize results and revenue sooner.

Nikolaos Tsouroulas Head of Cybersecurity Product Management at Telefónica.

EXTENSIBLE TO BOOST OTHER OFFERINGS

Blueliv effectively complements other security vendors’ �rewall, IPS, and monitoring products to add intelligence and turn it into actionable security protection. The Blueliv platform uses standardized cyber security information-sharing techniques, such as STIX and TAXII to automate intelligence-sharing with other security devices. APIs and a powerful SDK simplify integration of Blueliv cyber threat intelligence with internal SOCs for greater security synergy. For example, threat intelligence data from Blueliv can be used to feed other Telefónica cyber services for early cyber-attack detection and mitigation. Integration and automated protections enable Telefónica clients to signi�cantly enhance their security operations.

A FLEXIBLE SERVICE FOUNDATION

Telefónica can also package and sell the Blueliv platform as a Security-as-a-Service offering to clients who have their own SOCs and want to manage the solution themselves. Either way, Blueliv provides a �exible foundation for enabling new business and service delivery opportunities.

NEXT STEPS

Telefónica’s priority is staying ahead of the innovation curve and providing cutting-edge security. With each Blueliv new feature implemented, Telefónica can add new service capabilities to its offering, giving it superior extensibility, scale, and competitive advantage. As the company builds out its Threat Intelligence offering, it also integrates additional intelligence feeds from other providers to get an actionable threat data processing. The ability of Blueliv to aggregate additional data and deliver the information in an automated manner in machine-readable formats improves the accuracy and effectiveness of other security measures and affords an automated global threat response.

As Telefónica blazes new trails in cyber security services, it is relying on solutions like Blueliv to most effectively meet its clients’ needs. And its clients are glad that they do.

Copyright © 2016 Blueliv is a Leap in Value Brand

For more information, visit www.blueliv.com

twitter.com/blueliv

linkedin.com/company/blueliv

plus.google.com/+Blueliv

info@blueliv.com

TELEFÓNICA GAINS AN ADVANTAGE OVER CYBER THREATS AND COMPETITION 6

Grow your business, increase sales and enhance your threat

intelligence capabilities.

BECOME A BUSINESS PARTNER

blueliv.com/company/partners