Cyber and IP Assurance
With the technology sector seeing massive growth and investment in recent years there is an increase in the need and desire of technology companies to insure themselves against a number of scenarios specific to software development where open source software components are part of the development cycle.
- Internal coverage for "business interruption" losses if their internal systems are attacked
- Indemnifying customers from issues caused by security vulnerabilities in the software code supplied to their customers
- Theft of their Intellectual Property
- Intellectual Property violations where software developers have used 3rd partly components and breach IP/licensing obligations
Inadequate policies and expensive premiums are keeping many organisations from buying Cyber and IP insurance. However coverage in this areas is improving and becoming more feasible for companies to take out this type of cover.
In order to help technology companies who develop software to lower insurance premiums Source Code Control Limited have developed a Cyber and IP Assurance Service. There are two levels to the service:
Cyber and IP Assurance Review
- Who are the management stakeholders?
- What is the risk management strategy?
- What does the policy cover?
- IP and Licensing
- Security vulnerability management
- Quality control
For more information about open source software policies see Link...
Cyber and IP Assurance Services
If a technology organisations currently does not have business processes in place to manage risk in software development, Source Code Control's Cyber and IP Assurance Service will provide the tools, training and resources to implement a continuous compliance program which will include:
Training - How to implement professional management of open source software (for more information see Link...)
Open source software policy creation (for more information see Link...)
- Processes to manage and mitigate risk in open source software development
- Business reporting
- Summarised risk report
- current risk exposure in software applications
- Licence compliance issues
- Security vulnerabilities
- Service and maintenance levels
- How long to fix issues?
- Meeting the service levels defined in the open source software policy
- Summarised risk report
- The business reporting can be shared with insurers as demonstrable proof of the proactive steps being taken to manage risk in software
Intangible IP and Trade Secret Management Risk
Source code control can go beyond looking at software and also offer service to help companies manage broad intangible IP risk and also in light of recent EU and US legislation around the requirements of companies to manage trade secrets we can offer a Trade Secret Asset Management Service for more information see Link...