The report Global Threat Landscape, recently released by Fortinet, one of the global leaders in cybersecurity and prepared by FortiGuard Labs, revealed that there were 2.4 billion exploitation attempts of vulnerabilities in Brazil alone during the first half of the year. Combined with the various data leaks that occurred in major brands between January and June due to insufficient protection offered by third parties, the explosive volume increases corporate concerns regarding the efficiency of security provided by their IT business partners, especially concerning the use of EDR (Endpoint Detection and Response).
According to Rodrigo Gazola, CEO and founder of Addee, a company that has been providing management, monitoring, data protection, and security solutions for IT service providers for 11 years, the study once again confirms that, given the rapid pace of digital transformation worldwide, companies that provide services to other businesses—and have access to their data and their clients’ information—must significantly increase their precautions and invest more in team training, as well as equipment updates, and most importantly, in implementing security layers beyond EDRs on all devices.
One of the cases that highlighted the risk of vulnerability exploitation by third parties in the first half of the year was that of the German company Adidas, which reported a data breach through an environment accessed by a service provider. Although the company reassured its clients by stating that more sensitive data such as credit card numbers and account passwords for store networks were not exposed, it confirmed that other information such as names, email addresses, phone numbers, dates of birth, and gender were indeed compromised.
Gazola explains that EDRs are security solutions considered the natural evolution of antivirus software and have gained prominence because antivirus programs are no longer capable of preventing certain actions exploited by hackers.
According to him, to reduce opportunities and consequently the fraudsters’ appetite demonstrated by the Global Threat Landscape study, it’s necessary to implement EDRs with robust PATCH update systems and vulnerability analyses—but always alongside a Backup solution.
“More than creating an impression of security, it’s crucial to demonstrate in practice that the organization is prepared. Scammers only retreat when they perceive there is no vulnerability to exploit. This requires discipline in applying the industry’s most advanced technologies and maturity in risk management. In cybersecurity, there’s no room for promises or good intentions: only consistent execution generates real protection and market trust,” he concludes.
