Understanding "Out-of-Band Verification" Clauses

The landscape of cyber insurance and the terms and conditions offered by providers are shifting. An increasingly common clause raising eyebrows is the "out-of-band verification" requirement. This stipulation, often buried within policy details, can significantly impact your coverage in case of cyberattacks like social engineering and funds transfer fraud.

Topics: Breach, Cyber, Ransomware, Hack, Hacking, Data, Insurance, Spear Phishing

If you think all cyber insurance policies are the same, think again!

What may surprise you is that, unlike many other insurance policies you purchase, cyber policies don’t share any common policy forms. Each carrier custom tailors their insuring agreements that make up your policy. Technically, this is referred to as a “Named Perils” policy. The coverage only applies to what’s explicitly stated in the policy.

So why is this important? Many policyholders believe that when shopping for cyber insurance, as long as the limits match, the process is apples to apples. Unfortunately, that’s not the case. Policyholders (aka “insureds”) need to be hyper-aware that depending on the policy, coverage can change.

For example, cyber crime is often a reason for insureds to purchase coverage. Stories of Wire Transfer Fraud and ransomware are rampant for a good reason. According to the law firm BakerHostetler’s 2023 Data Security Incident Response Report (bit.ly/BakerHReport), the current year has experienced dramatically increased ransomware activity compared to 2022. Their research also has shown that ransomware accounts for 28% of all cyber incidents, with an average ransom payment of over $600,000 and significantly longer recovery times than in years past. Wire Transfer Fraud wasn’t far behind, accounting for 13% of incidents, with a median wire transfer loss of $97,044 and funds recovery on only 24% of all cases.

Topics: Breach, Cyber, Ransomware, Hack, Data, Spear Phishing

Topics: Cyber, Ransomware, Hacking, Risk Management