Last Updated: March 2026
This FAQ answers the most common questions real estate professionals ask about Cyber Liability insurance. Cyber threats targeting the real estate industry — especially wire fraud, ransomware, and business email compromise — have escalated dramatically in recent years. Whether you are evaluating your first cyber policy, comparing carriers at renewal, or trying to understand what your current policy actually covers, you will find clear, factual answers below. If you have a question not covered here, contact PBI Group — we are happy to help.
Cyber Liability Insurance Fundamentals
What is cyber liability insurance for real estate professionals?
Cyber liability insurance is a specialized policy designed to protect businesses against financial losses resulting from cyber attacks, data breaches, and technology-related incidents. For real estate professionals specifically, it covers the unique risks associated with handling sensitive client data (Social Security numbers, financial records, bank account information referred to as Personal Identifiable Information aka PII) and facilitating high-value financial transactions where wire fraud is a constant threat. A comprehensive cyber policy includes both first-party coverage (your own losses from a cyber event) and third-party coverage (claims from clients or other parties harmed by a cyber incident involving your business).
Why do real estate brokerages need cyber liability insurance?
Real estate brokerages are high-value targets for cybercriminals for several reasons: they are involved in large financial transactions which often include wire transfers of hundreds of thousands of dollars; they collect and store sensitive personal and financial information from buyers, sellers, and tenants; agents typically work as independent contractors using personal devices and home networks with limited IT security; the transaction process involves many parties (often two agents, lenders, title companies, attorneys) creating multiple points of vulnerability; and real estate professionals rely heavily on email communication, which is the primary attack vector for wire fraud and business email compromise schemes. The FBI’s Internet Crime Complaint Center has consistently identified real estate as one of the industries most targeted by business email compromise fraud.
Is cyber liability insurance required for real estate brokerages?
Cyber liability insurance is not legally mandated in most states for real estate brokerages. However, it is increasingly expected as standard business protection. Some real estate franchises now require or strongly recommend that their franchisees carry cyber coverage. For example: Century21, Coldwell Banker, Better Homes and Gardens Real Estate, Sotheby’s, Corcoran and ERA all require a minimum limit of $500,000 of cyber insurance. RE/MAX has a franchise requirement of $1,000,000 limit for cyber liability policies. More importantly, the financial exposure from a single wire fraud incident or data breach can be catastrophic — a single fraudulent wire transfer during a closing can result in losses of $200,000 to $500,000 or more. As cyber threats targeting the real estate industry continue to escalate, the question has shifted from “Do I need this?” to “Can I afford not to have this?”
What is the difference between cyber liability insurance and E&O insurance?
Cyber liability insurance and E&O insurance protect against different types of risk, though they can overlap in certain scenarios. E&O insurance covers claims arising from professional errors and omissions in your real estate services — such as failing to disclose a property defect or making an error in a contract. Cyber liability insurance covers losses and claims arising from cyber events — data breaches, ransomware attacks, wire fraud, business email compromise, and technology failures. Some cyber incidents may trigger both policies, so it is always prudent to put both your E&O and Cyber policy carriers on notice when a cyber event occurs. Most real estate brokerages should carry both policies. PBI Group can help you coordinate coverage between your E&O and cyber policies to avoid gaps.
What Cyber Insurance Covers
What does a comprehensive cyber liability policy cover?
PBI Group’s cyber policy through Arch Insurance is structured as five integrated Coverage Parts plus 12 customized endorsements: Coverage Part A provides Network Security and Privacy Liability protection (third-party claims when your systems are breached and a client or third party is harmed); Coverage Part B provides Media Liability coverage (claims from your digital content, social media, and online marketing); Coverage Part C covers Data Incident Response Expenses (forensic investigation, legal counsel, breach notification, credit monitoring, public relations); Coverage Part D provides Business Interruption coverage (lost income and extra expenses when your operations are disrupted by a cyber event); and Coverage Part E covers Cyber Extortion (ransomware demands and related costs). Beyond these five core Coverage Parts, the 12 endorsements add critical coverages including first-party Cyber Crime (social engineering, wire fraud, invoice manipulation), Dependent Business Interruption, System Failure coverage, Bricking/Property Damage, Reputational Harm, Cryptojacking, and more.
What is the difference between first-party and third-party cyber coverage?
First-party coverage protects your brokerage’s own losses from a cyber event. This includes data breach response costs (forensic investigation, legal counsel, notification of affected individuals, credit monitoring), business interruption (lost income and extra expenses if your operations are disrupted), cyber extortion/ransomware (costs to respond to ransomware demands), digital asset restoration (costs to recover or restore damaged data and software), reputational harm (lost income from adverse publicity about a breach), and bricking coverage (replacement of hardware rendered non-functional by an attack). Third-party coverage protects your brokerage when clients, vendors, or other parties bring claims against you after a cyber incident. This includes network security and privacy liability (defense and damages if your security failure causes harm to a third party as a result of an unauthorized access to client information), regulatory defense (costs to respond to government investigations related to a data breach), media liability (claims from your digital content), and PCI-DSS assessment coverage. For real estate firms, third-party coverage is critically important because the most common and costly scenario — a client being tricked into wiring closing funds to a fraudulent account after a business email compromise event occurs and the bad actor obtains valuable information about your client’s transaction — results in a third-party lawsuit against the brokerage.
Does cyber insurance cover wire fraud in real estate transactions?
This is the single most important cyber coverage question for real estate professionals. Wire fraud — where a criminal compromises an email account (referred to as Business Email Compromise) that is involved in a transaction and tricks a buyer into wiring closing funds (e.g. $250,000) to a fraudulent bank account — is the number one cyber claim in the real estate industry. However, not all cyber policies cover wire fraud the same way, and many provide inadequate protection.
In the above-mentioned scenario, PBI Group’s Arch cyber policy third-party coverage called Network Security and Privacy liability would be triggered. This core coverage has full policy limits and the standard policy deductible which most of the time is a $500,000 limit and $5,000 deductible. In this example the funds are transferred by the real estate brokerage’s client, not the insured. This is the direct result of the breach/failure of the insured to protect the client’s information. This breach and resulting information loss is what creates the liability for the insured/real estate brokerage. The harm is to the client who lost $250,000 not the brokerage but the client is now suing/demanding their $250,000 from the real estate brokerage who allowed the bad actor access to the business email accounts.
Sometimes a wire fraud event related to a real estate closing can be a different situation all together. The bad actor tricked the real estate brokerage to send their client’s money in their care and custody to the bad actor’s fraudulent bank account. In this scenario, the client did not send their own money via wire — the insured/real estate brokerage did. Their E&O insurance policy does not cover the error, but it is covered under the PBI Group cyber policy.
In the above-mentioned second scenario, PBI Group’s Arch policy includes a dedicated Cyber Crime Endorsement with four separate insuring agreements: Social Engineering Coverage (covers losses from fraudulent instructions purporting to be from a customer, vendor, title company, escrow agent, closing attorney, real estate broker, or mortgage broker); Electronic Transfer Fraud (covers unauthorized transfers from the insured’s accounts); Telephone Fraud (covers toll charges from fraudulent use of phone systems); and Invoice Manipulation (covers losses from fraudulent invoices distributed after a breach). The Social Engineering and Electronic Transfer Fraud coverages each carry a $250,000 sublimit with a $250,000 combined aggregate. Critically, PBI Group’s policy explicitly covers customer funds under the insured’s care, custody, and control — meaning if a client’s closing funds are stolen through a wire fraud scheme involving the real estate brokerage transferring the funds, the policy responds even though the stolen money belonged to the client, not the brokerage. Many competitor policies only cover the insured’s own direct financial loss, which would leave the client’s stolen funds uninsured.
Does cyber insurance cover ransomware attacks?
Yes, but the quality of ransomware coverage varies dramatically between carriers. PBI Group’s Arch policy provides Cyber Extortion coverage under Coverage Part E at full policy limits (up to $1,000,000 depending on the aggregate selected). This covers ransom payments (with insurer consent), negotiation costs, and investigation expenses. Many competitor policies appear to offer similar ransomware coverage on the Declarations page but bury a Ransomware Event Sublimit Endorsement deep in the policy that caps actual ransomware payments at $25,000 to $50,000 — far below a typical ransomware demand. Most ransoms are now higher than $100,000 and that is after the insurance carrier negotiates with the bad actor. Always check for hidden sublimit endorsements that override the headline coverage amounts. PBI Group’s Arch policy has no separate ransomware sublimit — the full Coverage Part E limits apply.
Does cyber insurance cover business interruption?
Yes, and this is an area where PBI Group’s policy is significantly broader than most competitors. Business Interruption under Coverage Part D covers lost net income and extra expenses when your operations are disrupted by a cyber event. PBI Group’s Arch policy covers business interruption from four different triggers: a Network Security Breach (hacking, malware, unauthorized access); a System Failure (unintentional IT outage — not just hacking); a Dependent Business interruption (when a third-party service provider you rely on suffers a breach or failure); and a Technology Contractor interruption (when your cloud host, SaaS provider, or data center goes down). Many competitor policies only cover business interruption caused by a security breach and do not cover system failures, dependent business outages, or technology contractor disruptions. PBI Group’s policy also includes Voluntary Shutdown coverage — if your CISO or IT team intentionally shuts down systems after discovering a breach (a best-practice response), the resulting income loss is covered. The waiting period is 12 hours, and the Period of Recovery extends up to 180 days.
Does cyber insurance cover social media and advertising liability?
Yes. PBI Group’s Arch policy includes a full Media Liability Coverage Part (Coverage Part B) that covers claims arising from your brokerage’s online presence. This includes copyright infringement (such as using a protected image on your website or social media without permission), defamation or libel claims from online content, plagiarism, trade libel, and invasion of privacy in media activities. This coverage is increasingly relevant as real estate agents maintain active social media profiles and digital marketing campaigns. Many competitor policies offer media liability as an optional add-on that is frequently not purchased to reduce premiums — check your Declarations page to confirm whether media liability shows $0 limits or an actual coverage amount.
What is NOT typically covered by cyber liability insurance?
Even the broadest cyber policies have exclusions. Common exclusions include: intentional or fraudulent acts by the insured; bodily injury and property damage (with the exception of bricking coverage for hardware damaged by cyber attacks); prior known claims or circumstances; contractual liability assumed under agreement; patent and trade secret infringement (copyright is typically covered under media liability); and activities conducted outside the insured business as well as first-party wire fraud where the bank account information has not been verified by a secondary method. This last exclusion is very important — if an insured received wire transfer instructions from someone purporting to be a legitimate partner in the closing transaction and those instructions are not confirmed prior to transferring the funds, the claim will most likely be denied. The instructions need to be verified by a secondary method which most of the time means via telephone assuming the instructions were sent via email. Some competitor policies also contain exclusions that specifically target real estate operations, such as Escrow and Title Activities Exclusions that eliminate coverage for claims arising from escrow or trust account handling. PBI Group’s Arch policy does not contain any real-estate-specific exclusions. Additionally, PBI Group’s policy includes an important enhancement: Endorsement 10 removes the standard exclusion for theft of money or securities, which most competitor policies retain.
Coverage Details That Matter
What is third-party network security and privacy liability, and why is it critical?
Third-party network security and privacy liability is a dedicated Coverage Part that protects your brokerage when a client or third party sues you after a cyber incident involving your systems. This is the coverage that responds when, for example, a hacker compromises your email, monitors a pending real estate closing, and impersonates you to trick a buyer into wiring funds to a fraudulent account. The victimized buyer then sues your brokerage for the loss. PBI Group’s Arch policy provides this as a full, dedicated Coverage Part A with limits up to $1,000,000. Many competitor policies — particularly lower-cost commodity cyber policies — lack a separate third-party liability coverage part entirely. They are primarily first-party policies that cover your own breach costs but provide little or no coverage when a client sues you. For real estate firms, where the money at risk is the client’s closing funds (not the brokerage’s money), this third-party coverage gap can be devastating.
What is the difference between defense costs inside the limits vs. outside the limits on a cyber policy?
On cyber liability policies, defense costs are typically inside the limits (also called eroding limits or CEIL — Claims Expenses Inside the Limit). This means every dollar spent on legal defense reduces the amount available for settlements or damages. PBI Group’s Arch policy follows this standard industry structure for cyber. While some E&O policies offer defense costs outside the limits, this is uncommon in cyber liability. The key consideration is whether your aggregate limit is high enough to cover both defense costs and potential damages. PBI Group offers aggregate limits of $500,000 or $1,000,000, in rare situations $2,000,000, and when multiple Coverage Parts are triggered by a single claim, only the single highest deductible applies rather than stacking deductibles across Coverage Parts.
What is bricking coverage and why does it matter?
Bricking coverage pays for the cost to replace computer hardware that has been rendered permanently non-functional (“bricked”) by a cyber attack that reprograms the device’s firmware or embedded software. A severe malware attack can destroy not just your data but the physical hardware itself, requiring full replacement of computers, servers, routers, and other equipment. PBI Group’s Arch policy includes bricking coverage with a $250,000 sublimit. Many competitor policies either do not include bricking coverage at all or offer severely reduced sublimits of $25,000 to $50,000 — which may not cover the cost of replacing an office full of equipment.
What is dependent business interruption coverage?
Dependent business interruption coverage protects your brokerage when a third-party service provider you rely on suffers a cyber event that disrupts your operations. For example, if your cloud-based transaction management platform, CRM system, or MLS provider goes down due to a breach or system failure, your brokerage loses the ability to conduct business even though your own systems are unaffected. PBI Group’s Arch policy covers dependent business interruption at up to $1,000,000 for breaches and $250,000 for system failures at a dependent business, plus $250,000 for technology contractor outages. Many competitor policies explicitly state “NOT COVERED” for dependent business interruption on their Declarations page, leaving brokerages fully exposed to losses caused by vendor outages.
This coverage is becoming increasingly important as more real estate brokerages move to cloud-based SaaS technology providers. The PBI Group cyber policy’s definition of Computer System explicitly includes cloud computing and other hosted resources. Sometimes SaaS vendor contracts have an indemnification cap or liability exclusion — this does not affect your ability to make a claim under the PBI Group cyber policy. There are some exclusions for this endorsement including the types of dependent businesses: they cannot be financial exchanges or markets, internet service providers, or utility companies such as power companies, natural gas providers, or water companies.
What does the cyber crime endorsement cover and why is it important for real estate?
PBI Group’s Cyber Crime Endorsement is one of the most significant differentiators of the Arch cyber policy for real estate firms. It adds four separate insuring agreements: Social Engineering Coverage for losses from fraudulent transfer instructions; Electronic Transfer Fraud for unauthorized transfers from the insured’s accounts; Telephone Fraud for toll charges from compromised phone systems; and Invoice Manipulation for losses from fraudulent invoices distributed after a breach. What makes this endorsement especially valuable for real estate is the specific language: it names title companies, escrow agents, closing attorneys, real estate brokers, and mortgage brokers as parties whose identities may be impersonated in a social engineering attack. Most commodity cyber policies either lack cyber-crime coverage entirely or use generic language that does not specifically address real estate transaction scenarios. Additionally, this endorsement requires authentication via a method other than the original request (such as a phone call back to verify wire instructions received by email), which aligns with FBI recommendations and industry best practices for preventing wire fraud.
Cost and Purchasing
How much does cyber liability insurance cost for a real estate brokerage?
Cyber liability insurance for real estate brokerages typically costs between $15 and $30 per agent per year, with minimum annual premiums starting at approximately $700. Actual premiums depend on the number of agents, annual revenue, whether the brokerage has implemented basic cybersecurity measures (such as multi-factor authentication on email), claims history, and the coverage limits selected. PBI Group offers aggregate limits of $500,000 or $1,000,000 with deductible options of $1,000, $2,500, or $5,000. Premiums have been increasing across the industry as the volume and cost of cyber claims continue to rise. However, it is critical to compare coverage quality, not just price. A policy that costs several hundred dollars less per year but lacks third-party liability, has a $25,000 ransomware sublimit, and excludes dependent business interruption provides fundamentally inferior protection.
What coverage limits should a real estate brokerage carry?
PBI Group offers cyber liability aggregate limits of $500,000 and $1,000,000. The appropriate limit depends on your brokerage’s size, transaction volume, and risk exposure. When selecting limits, consider: the average transaction value in your market (a single wire fraud claim could equal an entire home purchase price); the number of client records you maintain (which drives breach notification costs); the cost of a potential breach response including forensic investigation, legal counsel, notification, and credit monitoring; your brokerage’s dependence on technology (how long could you operate without your systems?); and your overall financial resilience to absorb an uninsured loss. For most brokerages, the $500,000 aggregate provides appropriate protection given current cyber risk levels.
Wire Fraud Prevention and Claims
How does wire fraud targeting real estate transactions typically work?
The most common wire fraud scheme in real estate follows this pattern: A criminal uses phishing emails, stolen credentials, or malware to gain access to the email account of someone involved in the transaction — typically an agent, loan officer, title company employee, or closing attorney. The criminal then monitors email communications silently, sometimes for weeks, learning the details of upcoming closings including dates, amounts, and parties involved. At the right moment — usually just before closing — the criminal sends a spoofed email to the buyer (or the buyer’s agent) with fraudulent wire transfer instructions that closely mimic legitimate communications from the title company or closing attorney. The email directs the buyer to wire their closing funds to a bank account controlled by the criminal. Once the funds are sent, they are typically moved through multiple accounts and often overseas within 24–72 hours, making recovery difficult but not impossible if you move quickly to contact the bank and FBI.
What should I do if a client falls victim to wire fraud during one of my transactions?
If wire fraud occurs during one of your transactions, time is the most critical factor. Take these steps immediately: First, contact the sending bank and request a wire recall — the first 24 to 72 hours are critical for any chance of recovering funds. Second, file a report with the FBI’s Internet Crime Complaint Center (IC3) at ic3.gov and with local law enforcement. Third, notify your cyber liability insurance carrier immediately (PBI Group clients can call the Arch Data Security Event Hotline at 844-202-1600 to reach the Mullen Coughlin breach response legal team). Fourth, preserve all email communications, wire instructions, and transaction documents as evidence. Fifth, notify all parties to the transaction — clients, title company, lender, and other agents — about the incident. The sooner you act, the better the chance of recovering stolen funds and the stronger your position under your cyber insurance policy.
What steps can real estate brokerages take to prevent wire fraud?
Key prevention strategies include: implement multi-factor authentication (MFA) on all email accounts for every agent and staff member — this is the single most impactful security measure; establish a policy of never sending wire instructions via email alone; always verify wire instructions by calling a known phone number (not a number from the email) before wiring any funds; educate all agents and clients about wire fraud schemes at the beginning of every transaction; use encrypted email or secure transaction management platforms for sensitive communications; monitor email accounts for unauthorized access, forwarding rules, or inbox rules set by hackers; include wire fraud warnings in all correspondence with clients; and create an incident response plan so your team knows exactly what to do and who to call when a cyber event occurs. PBI Group’s cyber policy requires authentication via a method other than the original request for social engineering claims, which aligns with these best practices. Implementing these measures not only reduces your risk but strengthens your position if a claim arises.
Data Breach Response
What happens if my brokerage experiences a data breach?
If your brokerage suffers a data breach, your cyber liability policy’s Data Incident Response Expense coverage (Coverage Part C under PBI Group’s Arch policy) activates a coordinated breach response. PBI Group clients should immediately call the Arch Data Security Event Hotline at 844-202-1600, which connects you with the Mullen Coughlin breach response legal team — this is a pre-arranged panel counsel benefit, meaning experienced breach attorneys are ready to act immediately without the delay of engaging outside counsel. The response team typically includes: forensic IT investigators who determine how the breach occurred, what data was accessed, and whether the vulnerability has been contained; legal counsel experienced in data breach response and state notification laws; notification services to alert affected individuals as required by state breach notification statutes (all 50 states have breach notification laws); credit monitoring services for affected individuals; and public relations support to manage communications. The immediate priorities are containing the breach, understanding its scope, meeting legal notification obligations, and preventing recurrence.
How does a cyber insurance claim work for real estate professionals?
When a cyber incident occurs, the claims process generally works as follows: You report the incident to your insurance carrier as soon as possible (PBI Group clients call the Arch hotline at 844-202-1600 or contact PBI Group directly). The carrier assigns a claims professional and connects you with breach response resources including forensic IT specialists, attorneys, and notification vendors. The forensic team investigates the incident to determine its scope and whether a covered event occurred. If the investigation confirms a covered event, the policy responds by covering the costs of forensic investigation, legal defense, notification, credit monitoring, business interruption losses, and any other applicable coverages. If a third-party lawsuit results (for example, a client suing after wire fraud), Coverage Part A provides defense and damages up to the policy limits.
Comparing Cyber Policies
What should I look for when comparing cyber liability policies?
When evaluating cyber liability policies for your real estate brokerage, compare these critical features: Does the policy include a dedicated third-party Network Security and Privacy Liability coverage part, or is it primarily a first-party policy? Does the Cyber Crime or Social Engineering coverage extend to customer funds under your care, custody, and control — not just your own funds? What are the actual sublimits for ransomware after all endorsements are applied (check for hidden sublimit endorsements that cap coverage at $25,000–$50,000)? Does business interruption coverage extend to system failures, dependent business outages, and technology contractor disruptions — or only to hacking events? What is the Period of Recovery (30 days, 120 days, or 180 days)? Is bricking coverage included and at what sublimit? Does the policy contain any real-estate-specific exclusions (escrow activities, title services, trust account handling)? What is the retroactive date — full prior acts or a limited lookback period? And is the insurer financially strong with an A.M. Best rating of A- or better?
Why are some cyber policies much cheaper than others?
Significant price differences between cyber policies almost always reflect significant coverage differences. Common cost-cutting measures in lower-priced policies include: no dedicated third-party liability coverage part (the policy only covers your own breach costs, not client lawsuits); ransomware sublimits of $25,000–$50,000 buried in late endorsements despite headline limits of $1,000,000; business interruption capped at $50,000–$100,000 through sublimit endorsements; no dependent business or technology contractor interruption coverage; social engineering coverage limited to $25,000–$50,000 with no coverage for customer funds; restricted retroactive dates (5 years instead of full prior acts); shorter claim reporting deadlines (60 days vs. 90 days); no bricking, reputational harm, or cryptojacking coverage; and real-estate-specific exclusions that eliminate coverage for escrow and title activities. PBI Group’s approach is to compare the effective coverage — after all endorsements and sublimits are applied — not the headline limits or the premium alone.
About PBI Group’s Cyber Program
Who is the insurance carrier behind PBI Group’s cyber policy?
PBI Group’s cyber liability program is underwritten by Arch Insurance Company, one of the largest and most respected specialty insurers in the United States. The policy has been customized with 12 endorsements specifically designed to address the cyber risks facing real estate professionals. Arch Insurance Company carries strong financial ratings (A+ and Class XV — view Arch credit ratings), providing confidence that claims will be paid.
Why should I get my cyber insurance through PBI Group?
PBI Group brings the same specialized expertise to cyber liability that we are known for in E&O insurance. We focus exclusively on insurance for residential real estate professionals, which means we understand the specific cyber threats your brokerage faces — wire fraud during closings, business email compromise, ransomware locking your MLS access, client data breaches, and vendor compromises. Our Arch cyber policy with 12 customized endorsements is specifically modified for real estate operations, with features like real-estate-specific social engineering language, customer funds protection, no escrow or title exclusions, and a pre-arranged breach response hotline. We serve approximately 1,200 brokerages and 100,000 agents across all 50 states, and we can coordinate your cyber coverage alongside your E&O and general liability policies for comprehensive protection.
How do I get started with a cyber liability quote from PBI Group?
Getting started is simple. Visit our Get Started page, call us at (443) 502-5645, or email sales@pbigroupsolutions.com. We can typically provide a cyber liability quote alongside your E&O quote, and many of our clients bundle their E&O and cyber policies for coordinated coverage and streamlined service. There is no obligation, and most quotes are delivered within one to two business days.
