Everyone within a company has a role to play in helping to keep their organisation secure from cyberattacks.

And blockchain technology could play a key role in cybersecurity in the future, but today we have as much inkling for its possibilities as early internet users had of that technology as they gazed at block lettering on their green screen monitors.

Those were views expressed by a panel of executives who discussed the risks and opportunities of cybersecurity at InsuranceERM’s Insurance Risk & Capital conference at the Hamilton Princess.

In the wake of the security incident at island law firm Appleby, which has featured in international media this week, the topic has gained added pertinence since it was featured at the one-day event last week.

Employees should view themselves as individual risk managers, regardless of whether that is cyber or physical security. If they see a secure door open in their building they should find out why and potentially close it, that was advice from David Friston, head of AIG cat excess liability, who was on the panel.

Likewise, in the realm of cyber, companies should ensure they provide staff with some training so there is self-awareness about what people do. Everyone should be a risk manager.

And delegates heard that such security awareness and proactivity is something that companies need to instil from the top down; that it should be a case of “if you see something, say something”.

Noel Pearman, cyber product lead at XL Catlin, said the issue was less about security itself than security plus operational efficiency and speed.

“The crux is how can I be super secure and still transact at lightning speed?” he said.

“What used to be an IT concern is now a concern for the entire organisation, going right up to the chief executive officer and the C-suite. It’s about how we manage our supply chain, customer databases, and how we interact internally.”

Mr Pearman said previously the message clients wanted to tell insurers was that they could not be penetrated by hackers.

“Now, the discussion is very much not if, but when,” he said.

“It’s a broader discussion. Yes, we are talking about what is happening on the perimeter, but also about how quickly can you identify someone that is in your system, where they have been and what they have taken.”

The third member of the panel, Rick Welsh, CEO of Sciemus Ltd, said there was once a belief, particularly among those in the security and nuclear industries, that they were safe because they had an “air gap” — that is, their command network and sensitive operations were isolated from outside networks.

Mr Welsh mentioned a book entitled Air Gaps and Unicorns, adding: “ie, they don’t exist”.

He said: “The security industry is moving to the point where they accept it does happen.”

Mr Welsh mentioned small USB thumb drives that have been be plugged into isolated systems to compromise sealed networks. And some of the best attacks today are achieved through social engineering techniques, such as targeted e-mails that trick recipients into activating malware. He said companies should train employees how to handle such ploys.

Many companies no longer feel that damaging cyberattacks are unlikely to hit them. As attacks on companies have got “closer and closer to home” the seriousness of the risk has been amplified.

“A lot of organisations think why would I be a target; why would anyone else be interested in what goes on in my network?” said Mr Pearman.

“You are not always aware what they [the hackers] are looking for. Sometimes they are stairstepping their way to bigger targets.”

He said real collaboration was the key to managing cyber-risk. At an organisational level that requires legal, IT, security, including physical security, being managed in unison.

“On the insurance side, we need all the different lines to be talking with other lines,” said Mr Pearman.

Blockchain technology is being viewed as an emerging technology that could play a significant role in the insurance industry, and for cybersecurity.

Mr Welsh expressed hope that it will help achieve faster claim payouts in the aftermath of natural catastrophes.

“If you look at the hurricane season, you need to get the money to the people who most need it, quickly. There has to be a better way of unlocking some of the claims,” he said.

“On the question of trapped capital, there’s a lot that can be made there in terms of unlocking. Blockchain has great precept for unlocking all of that.”

Mr Pearman agreed that blockchain was exciting for the future, but said he liked to parallel it to when the internet first started.

“When the internet developed it had green screens with light green writing in blocks. People were looking at it and they were saying ‘we know this is going to be big, but we can’t figure out what it is going to look like’.

“They couldn’t see smartphones and Facebook apps, Uber. But they knew something big was here. This is exactly where we are with blockchain. It is going to change everything, all of the pontification right now is like us looking at green screens trying to figure out what an Uber app is going to look like in ten, 15, 20 years’ time.”

He added: “Keep your ear to the ground, get ahead of understanding what it is. It is going to change how we do business in a dramatic way.

“In the way we have risks that are being solved by insurance around transactional risk, that is going to change dramatically. Where we are using intermediaries to manage the flow of information between parties in transactions, that is going to change dramatically.

“But still, it is a green screen with light green writing for us now.”