Zero-Day Research Needed To Protect Mexico’s Infrastructure

Positive Technologies is a global cybersecurity company that offers products, solutions, and services designed to protect businesses and critical sectors from cyberattacks, focusing on cyber resilience and measurable results.

Q: How does Positive Technologies position itself in the Latin American cybersecurity market, and what are its main differentiators against other players in the sector? 

A: We are a global supplier focused on making cybersecurity measurable, efficient, and result-driven. This vision resonates strongly in Latin America as companies demand concrete outcomes like fewer incidents and faster detection. Our primary differentiator is this result-driven approach. We do not sell isolated products; we build comprehensive strategies that integrate visibility, detection, and the prevention of non-tolerable events. This strategy is backed by decades of research, during which our team has discovered hundreds of zero-day vulnerabilities in major vendor systems.

Q: Which of your solutions are most in demand by Mexican companies and what specific needs are they helping to solve? 

A: In Mexico and Latin America we see growing demand for PT Network Attack Discovery (PT NAD) and PT Application Inspector (PT AI) as companies seek to enhance visibility and control over complex infrastructures. PT NAD, our network detection and response system, is particularly effective at identifying lateral movements, hidden malware, and threats in encrypted traffic that traditional monitoring often misses. PT AI, meanwhile, helps organizations secure their software development lifecycle by detecting vulnerabilities early in the process, reducing remediation costs later.

Q: What are the main barriers stopping companies from acquiring your solutions? 

A: The main barrier is organizational maturity regarding cybersecurity. We find that companies are not always willing to invest because they do not fully comprehend the significant financial and reputational risks a cyberattack poses. There is a common belief that such events happen to other companies but not to them. Unfortunately, when they are confronted with an incident, it is often too late.

Q: How do you help clients find the right solution to their necessities? 

A: Our advisory process begins by analyzing the client's specific business and vertical, whether it is telecommunications, government, or banking, as each sector has common needs. We have experience across all sectors, particularly in protecting critical infrastructure. We are now sharing this expertise internationally, having made advances in the Middle East and now launching operations in Latin America.

Q: What advantages do your protection tools for critical infrastructure and industrial environments offer over traditional cybersecurity solutions? 

A: In cybersecurity, continuous software updates are critical; an outdated antivirus, for example, is ineffective. New threats emerge daily, especially against critical infrastructure. Our advantage lies in our proactive research. Our specialists detect zero-day vulnerabilities, flaws that no one has previously identified, almost daily. We are recognized for this work by major companies such as Apple, VMWare, and IBM, which thank us for discovering these vulnerabilities and helping them avoid future risks. Our team has detected over 200 zero-day events every year. This is supported by one of the largest R&D centers in Europe, where we have over hundreds of professionals dedicated solely to updating this threat intelligence database, out of a total of nearly 2,600 employees.

Q: From a regional perspective, what are the most critical cyberattack trends affecting Mexican and Latin American companies today? 

A: Our regional research team actively investigates the threat landscape, including monitoring dark markets to determine the value of stolen databases. Our recently published "Cybersecurity Threatscape Latin America" report details the key threats. Ransomware, data breaches, and supply chain attacks continue to be the primary threats to organizations. In Mexico, the public sector remains a key target for directed attacks. In contrast, in Brazil, we observe a rapidly growing darkweb market for stolen data and corporate access credentials. Furthermore, phishing and social engineering have become more sophisticated, often exploiting trusted local brands. These trends highlight the urgent need for proactive detection and rapid incident response.

Q: How will the growing sophistication of ransomware and targeted attacks influence enterprise cybersecurity strategies in Latin America?

 A: Based on our experience, despite the frequency of data theft and operational downtime, many companies do not become fully conscious of the threat until government regulations are enforced. Both in Mexico and Brazil, organizations are often more afraid of regulatory fines than of the attacks themselves. The most resilient organizations are those that view cybersecurity as a strategic investment, not a cost. Anticipating risks rather than reacting to them helps protect not only data, but also business continuity and customer trust. 

Q: How will the growing digitalization in Operational Technology (OT) environments shape enterprise security strategies in Latin America? 

A: Increasing digitalization, whether in a company or a country, does not automatically equate to protection. Frequently, the opposite is true. When digitalization accelerates, but insufficient attention is paid to securing the perimeter and internal infrastructure, it creates significant new opportunities for attackers. The risks range from financial theft to severe reputational damage or data loss. It is essential that as an organization expands its digital footprint, especially in Operational Technology (OT), it simultaneously prioritizes the strategy to protect that new digital environment.

Q: What expansion or brand-strengthening plans does Positive Technologies have for 2026 in Mexico? 

A: Latin America is one of our strategic regions, with Mexico and Brazil at the forefront. Our objective for 2026 is to expand our local alliances, build upon successful pilot projects and increase the adoption of our solutions in key sectors such as finance, industry, energy, and telecommunications. We also seek to strengthen collaboration with local cybersecurity communities, universities, and government initiatives to create a sustainable ecosystem focused on practical cybersecurity education. 

Q: What collaboration projects with local companies, governments, or startup ecosystems does the company plan to strengthen cyber-resilience in the region? 

A: We have just begun introducing our brand to the market. At the 2° Foro Nacional de Ciberseguridad in México, we presented our research on the Latin American threat landscape. We are actively conducting training for potential partners and have already launched several successful projects as we expand our alliances. We have existing use cases not only in Mexico but also in Uruguay and Brazil. We believe this is an ideal time for new partners to engage with us, as we are focused on creating "quick wins" to demonstrate how effectively our experience translates to the Mexican market. We are inviting partners to join us on this rapid path to success.