Utimaco and Sophos partner with Peritus Security to help Massachusetts companies meet changing security regulations

March 20, 2009 Sophos Press Release

Utimaco- a Member of the Sophos Group, today announced it will be leading a series of educational initiatives across Massachusetts aimed at helping companies understand new state data security legislation mandating the protection of customer data. Utimaco and Sophos have teamed up with Peritus Security, a top IT security consultancy, to conduct the sessions that will educate Massachusetts-based C-level executives and security managers on rapidly changing regulatory laws that will impact their businesses.

The educational sessions come on the heels of the recent passage of 201 CMR 17.00, legislation demanding that companies with Massachusetts' resident data must verify that the data is safeguarded against theft. The mandate has left many companies unsure of how to formulate a written security plan and appoint an internal owner of compliance objectives.

The educational sessions, which will be held next week in Springfield, Newton and Boston, will feature commentary from Utimaco, Sophos and Peritus Security executives, as well as Ropes and Gray, a renowned national law firm with offices in Massachusetts. Utimaco will also share insights into how their customers are leveraging better management principles and advanced technology to meet compliance objectives. The sessions are in addition to a new website Utimaco will preview at the event, called the Compliance and Regulation Portal, that will keep companies fully up-to-date on regulatory news and information.

Each session, entitled "The Business Impact of Data Security Regulations" will feature presentations by industry experts Nagraj Seshadri of Utimaco, John Metzger of Sophos, Kurt Baumgarten of Peritus Security, and Christine M. Santariga, Esq., CIPP and David McIntosh, Esq., Partner of Ropes and Gray.

Topics covered during the event will include:

  • An overview of Massachusetts' data protection legislation, 201 CMR 17.00, from both legal and business perspectives
  • An introduction to the compliance process roadmap
  • Data encryption security technologies necessary for compliance
  • Best practices for ensuring compliance with endpoint protection, gateway protection and access control

The sessions kick off in Springfield on March 24 and will also be held in Boston and Newton on March 25. The sessions are free and open to the public. For additional information or to register, visit .

Recent high-profile data breaches have prompted outcries from consumers and new regulatory mandates imposed on companies. According to the The Identity Theft Resource Center, a record high 600 data breaches occurred in 2008 and each breach cost companies upwards of $7 million, on top of damages such as bad press, tarnished reputations, and lost customer loyalty. Though the price of a data breach is skyrocketing, the cost of technology to protect data and avoid such attacks has remained constant. Even with the current economic crisis and limited IT budgets, it is now more cost effective for companies of all sizes to deploy encryption solutions than it is to put data at risk of loss or theft.

"Companies don't have to be overwhelmed by the upcoming Massachusetts legislation and other pending mandates," said Nagarj Seshadri, Head of Product Marketing, Utimaco. "These laws underscore the fact that, as the cost and ramifications of a data breach continue to soar, the best investment a company can make is in encryption solutions that will protect valuable customer data. Utimaco remains committed to helping companies make the compliance process quick, affordable and stress-free and seeing the true business value in IT security."