Case Study

Safeguarding composer royalties with integrated cybersecurity


The music never stops at Escritório Central de Arrecadação e Distribuição (Ecad), the organization responsible for managing music licensing and royalty distribution in Brazil. A single, connected Palo Alto Networks product portfolio safeguards royalty payments, provides 360-degree security visibility, and liberates IT resources to focus on other tasks – increasing productivity by approximately 47%. The cost of operation is also 30% lower than that of other shortlisted vendors.

In brief


Escritório Central de Arrecadação e Distribuição






Music Licensing and Royalty Distribution

Organisation Size

350 endpoints, 200+ servers


Penetration tests proved the inadequacy of the existing network and endpoint security platform. Legacy point solutions hindered security visibility and control.

    • Stop evasive threats in real time.
    • ­Validate every stage of a digital interaction. ­
    • Automate detection, investigation, and response. ­
    • Create a single security use case, reducing cost of operations.

Palo Alto Networks® ML-Powered Next-Generation Firewalls (with WildFire®, Advanced Threat Prevention, Advanced URL Filtering), Palo Alto Networks Cortex XDR®

Download PDF Share

Don’t stop the music

Music wouldn’t exist without songwriters, singers and musicians. In Brazil, they are remunerated by the organisation Ecad, which ensures the correct distribution of royalties. Ecad needed to rethink its network and endpoint security strategy to ensure those copyrighted creations continued to be efficiently protected and royalties paid.


Here for music and its makers

Ecad connects composers, performers, and musicians to the channels that enable music to touch and thrill. The Brazilian organization manages the payment and distribution of copyright royalties for public performance of music. It possesses one of the largest music databases in Latin America, bringing together 18 million musical and 338,000 audiovisual works.

Ecad awarded more than 316,000 composers and artists copyright income resulting from public performances last year, equivalent to R$ 1.2 billion Brazilian reals ($240 million). As with any organisation, its success makes Ecad a target for cyberattacks.

“We need to be 100% vigilant, 100% of the time,” says Igor Oliveira, Chief Information Security Officer, Ecad. “When I joined the company, we performed some penetration testing, and the ethical hackers reached the Active Directory within a few minutes. Any attack would have a huge impact on our ability to pay royalties and manage music distribution.”

The pen tests proved Igor and his team needed to take rapid, drastic action.

Endpoint security was a particular problem, as Igor explains. “We used a Sophos antivirus platform but experienced real problems with performance. It was clear that the slow AV package was undermining people’s ability to support songwriters, composers, and publishers.”


We needed to transform both network and endpoint security, closing vulnerability gaps, creating complete security visibility, and, where possible, automating security processes.

–Igor Oliveira, Chief Information Security Officer, Ecad


One connected, unified cybersecurity platform

Having worked with Palo Alto Networks previously, Igor quickly established some definitive requirements for the solution, which needed to:

  • Stop evasive threats in real time.
  • Continuously validate every stage of a digital interaction.
  • Automate detection, investigation, and response.
  • Create a single security use case, reducing the cost of operations.


Easier to manage than point solutions

A robust proof of concept saw Palo Alto Networks comprehensively outperform its competitors. Igor explains, “The Palo Alto Networks product portfolio outperformed other vendors in every scenario. The throughput performance was better, there were no breaches during the test attacks, and the unified portfolio is so much easier to manage than a disparate array of point security technologies.”

Network security was the first issue to be addressed, with ML-Powered Next-Generation Firewalls (NGFWs) chosen over Fortinet. The PA-3220 devices protect Ecad’s entire perimeter, including the HQ, branch devices, and remote applications. These firewalls are complemented by an integrated suite of Cloud-Delivered Security Services, including WildFire, Advanced Threat Prevention, and Advanced URL Filtering. The CDSSs are all natively integrated, efficiently protecting all traffic via the cloud.

Cortex XDR is also deployed, providing full visibility and analytics across 95% of the servers and endpoints. It uses behavioural threat protection, AI, and cloud-based analysis to stop threats. Machine learning profiles behaviour and detects anomalies indicative of an attack, and a complete picture of each attack ensures fast investigation and response.

Diego Abbade, Security Analyst, Ecad, adds, “The Cortex XDR performance shone through against CrowdStrike and Sophos. The CPU utilization is incredibly low.”

All of this was masterminded by the Palo Alto Networks partner, Brainwalk. The team provided consulting and implementation services – from C-suite acceptance to project approval and training. Brainwalk also extended the security culture across Ecad, successfully creating a team of champions who are passionate about the solution.


We are really pleased with the two firewall devices. They offer great throughput capacity and are very easy to configure. We simply turn all the configurations on, and the hardware works the way it should.

–Diego Abbade, Security Analyst, Ecad


Continuously paying royalties to members

The connected Palo Alto Networks product portfolio provides Ecad with a single, unified cybersecurity platform – where everything is integrated to work as one. The benefits include that it:

  • Ensures uninterrupted service: By preventing cyberthreats, Ecad can continuously pay royalties to its members when their work is broadcast, streamed, downloaded, reproduced, or publicly performed.
  • Reduces cost of operation: According to Igor, the Palo Alto Networks product portfolio acquisition and renewal costs were 30% lower than those of the equivalent Fortinet and CrowdStrike cybersecurity platforms.
  • Drives more efficient operations: Productivity has increased by approximately 47%. The 17-strong team of security and infrastructure professionals can now devote more time to strategic IT issues, confident that repetitive daily security tasks are automated and fully controlled.
  • Provides complete visibility: Ecad has total, 360-degree visibility over its IT infrastructure. The team can immediately identify unsolicited attempts at lateral movements over the network, for example. There is also a complete audit trail of who did what, when, and where.
  • Increases agility: According to Igor, Palo Alto Networks was more competitive than the Fortinet network security platform. The latter would have needed to provide higher specification, and thus more expensive, hardware to match the deployed Palo Alto Networks NGFWs.


Palo Alto Networks is a trusted partner in our cybersecurity strategy. Their product reach, future roadmap, and professional expertise safeguard Ecad’s infrastructure both now and in the future.

–Igor Oliveira, Chief Information Security Officer, Ecad

Learn more about Palo Alto Networks on the website, where you can also read many more customer stories.