
Need open source insurance?

Written by Dana Blankenhorn, Inactive
Near the end of the day on Friday I took a call from Jim Gatto, co-head of the open source team for Pillsbury Winthrop Shaw Pittman LLP, who has studied the Lloyd's "open source insurance policy" I wrote about yesterday.

Here's the deal. In order to get a maximum of $10 million in coverage, with a $250,000 deductible, you first spend $25,000-$50,000 on a "risk assessment," essentially an audit to see if you're mixing open source and proprietary code in your current operations.

Assuming you pass, you'll spend roughly $200,000 covering three types of risks:

  1. Risks that companies you acquire aren't mixing up their software, up to the "impaired value" of the acquisition.
  2. Lost profits from the use and sale of open source.
  3. Coverage for the costs of ripping-and-replacing. Gatto explains, "If you find open source in your software you don’t want to be there, it can be costly to rip it out and replace it."

Generally, insurance policies are written and priced based on a history of losses. Gatto has only seen anecdotal evidence of such losses.

"When Cisco bought Linksys, it turned out some of the code in the Linksys firmware was open source. They were required to either open everything up or replace it. They decided to open it up. I don’t know if they calculated the value of the loss or not."

So let's sum up. A high price for minimal coverage, for a risk with limited documented history of losses. It's your call. Miller Insurance Group, a subsidiary of Lloyd's, is the broker.
