There was a time when Spanish IT security firm Panda Security could rest on the laurels of its home-market dominance. Founded in 1990, the company saw very early success in the Spanish market and quickly took 90% of the market share.

But with the rise of the security multinationals, that figure has fallen to around 35%, leading the company to focus on expanding its presence overseas. That goal accelerated in 2007 when a venture capital group led by Investindustrial bought 75% of the company, intending to take Panda public in around 2012. At the time, though, the company was not in fit shape for global dominance.

“In 2007, the guy responsible for Panda in the US did not speak English,” explains present CEO Juan Santana.

“The way he communicated with the US team was through his assistant, and conference calls supposed to last one hour lasted three hours with consecutive translation. There was a huge cultural clash, and that in itself was having an impact.”

Even today, Panda has just 3% of the global market, according to its own estimates. But it is now undergoing a two-pronged strategy to increase that share.

The first objective is to consolidate its global operations. In June, the company announced that it had bought out its Swedish, Finnish and UK franchise operations, adding to the franchises in Belgium, Holland, Germany, Austria, Japan and China it has bought over the past two years. These join its existing subsidiaries in the US, France and Spain.

The technological component of Panda’s masterplan concerns its web-based, highly automated approach to security, an approach it has dubbed ‘collective intelligence’.

Panda distributes a free, lightweight and fully functional web-based antivirus solution called CloudAV to consumers, which harvests malware signatures for its paying customers.

Lacking the resources to deploy large teams of virus analysts in multiple countries, an automated model was really the only solution, Santana explains.

“When we had three million malware samples in the database, we had a problem of how to deal with the 3,000 to 5,000 new viruses arriving every day. Thank God we were small at the time and realised we were completely reliant on technology,” he says. “Today we get 50,000 suspicious files a day, of which 35,000 are unique malware samples.”

Santana estimates that the system now deals with 99% of viruses without human intervention. Moreover, he believes that while Cloud AV will monetise only a small percentage of users, its popularity will provide much-needed marketing for its business offerings.

The model, he acknowledges, is similar to that of AVG, who “have done tremendously well in terms of understanding the economics of the online distribution model.”

“It’s about breadth and monetising a fraction of a large user base, but our difference is the technology.”

Panda also has a different target market. “AVG is trying to get into the SME market, whereas my target is around 250 to 1,000 seats,” he says. “I don’t aspire to be the guy protecting CitiBank.”

Those smaller enterprises, Santana argues, are the ones looking for new and innovative approaches to security. “There are lots of dissatisfied clients coming out from big guys,” he says. “If I do things right, we can capture them at Panda.”