Cyber and IP Assurance

With the technology sector seeing massive growth and investment in recent years there is an increase in the need and desire of technology companies to insure themselves against a number of scenarios specific to software development where open source software components are part of the development cycle.

 

Cybersecurity

  1.             Internal coverage for "business interruption" losses if their internal systems are attacked
  2.             Indemnifying customers from issues caused by security vulnerabilities in the software code supplied to their customers

 

Intellectual Property 

  1.            Theft of their Intellectual Property
  2.            Intellectual Property violations where software developers have used 3rd partly components and breach IP/licensing obligations

 

Inadequate policies and expensive premiums are keeping many organisations from buying Cyber and IP insurance. However coverage in this areas is improving and becoming more feasible for companies to take out this type of cover.

In order to help technology companies who develop software to lower insurance premiums Source Code Control Limited have developed a Cyber and IP Assurance Service.  There are two levels to the service:

 

Cyber and IP Assurance Review

An independent assessment and validation of what policies and processes are in place to manage risk in software development.Open Source Policy Document

  1.  Who are the management stakeholders? 
  2.  What is the risk management strategy?
  3.  What does the policy cover?
    1.  IP and Licensing
    2.  Security vulnerability management
    3.  Quality control

For more information about open source software policies see Link...


Cyber and IP Assurance Services

If a technology organisations currently does not have business processes in place to manage risk in software development, Source Code Control's Cyber and IP Assurance Service will provide the tools, training and resources to implement a continuous compliance program which will include:

           Training - How to implement professional management of open source software (for more information see Link...)

 Open source software policy creation (for more information see Link...)

  1.  Processes to manage and mitigate risk in open source software development
    1.  IP and licence complianceCode Risk Management Assurance
    2.  Security vulnerability management
    3.  Operational risk
  2.  Business reporting
    1.  Summarised risk report
      1. current risk exposure in software applications
    2.  Licence compliance issues
    3.  Security vulnerabilities 
    4.  Service and maintenance levels
    5.  How long to fix issues?
    6.  Meeting the service levels defined in the open source software policy
  3. The business reporting can be shared with insurers as demonstrable proof of the proactive steps being taken to manage risk in software

Intangible IP and Trade Secret Management Risk

Source code control can go beyond looking at software and also offer service to help companies manage broad intangible IP risk and also in light of recent EU and US legislation around the requirements of companies to manage trade secrets we can offer a Trade Secret Asset Management Service for more information see Link...

IP Risk Management

 

To find out more about Cyber and IP liability