PTC INC.

“We take a holistic, multi-layered approach to cybersecurity and privacy that combines traditional Defense-in-Depth methods with next-generation Zero Trust principles. In”

“developing our cybersecurity risk management program, we are informed by industry benchmarks and standards, including the cybersecurity framework created by the National Institute of Standards and Technology (“NIST”) and the Software Assurance Maturity Model developed by the OWASP (the “OWASP SAMM”). We also have various security-related certifications and authorizations, including ISO 27001, SOC 2 Type II and FedRAMP, for certain of our products and services.”

“Recognizing that technology alone cannot mitigate all security threats, we focus on developing our most critical resource: our people. Our corporate cybersecurity awareness activities are combined with enterprise-wide and department-specific tools and mandatory employee training, providing our employees with knowledge and resources to support our efforts to mitigate security threats.”

“We maintain processes and policies to try to anticipate security risks and facilitate compliance with applicable contractual obligations, regulations, and standards, as well as address any incidents or violations. We focus on continuous improvement and constantly mature our processes to keep pace with the rapidly evolving cybersecurity threat landscape.”

“We seek to automate processes and remove the potential for human error to the extent feasible by implementing technology solutions. From fundamental IT security to development of our software products and keeping our customers’ data safe, we aim to maintain a secure infrastructure that is appropriately monitored for possible threats.”