Insurance professionals must co-operate to fight cybercrime, the director-general of the Association of British Insurers has said, days after one of the worst cyberattacks in Bermuda history.

“Cybercrime is on course to become the largest threat our customers are facing,” Hannah Gurga said at the Abir@30 Lunch Forum yesterday.

“It’s not a question of whether there’ll be hits because every business is being attacked all the time. The tiniest WordPress websites are targeted hundreds of times a day. Our largest customers are being attacked by hacking bots millions of times a day.”

She spoke shortly after the Premier, David Burt, opened the event at the Hamilton Princess & Beach Club by thanking everyone for their support following a “serious and highly sophisticated cyber attack” that crippled many government offices.

Ms Gurga said just one vulnerability such as a weak password can cost one organisation billions of dollars.

“The answer for insurance clients cannot be solely more insurance, but that does not mean we should stand back,” Ms Gurga said. “Only the insurance industry sees almost every cyberstrike. We have the knowledge. We want to protect our customers, so we have the incentive.”

She said by leveraging strength through association, sharing data and working with the intelligence services, the insurance industry has the capability to take a bite out of cybercrime.

According to the website Venture Beat, 85 per cent of companies experience at least one ransomware attack per year. More than 60 per cent paid the ransom. The website for IT support services company AAG IT Services suggests just 42 per cent of firms actually report these attacks to the authorities.

“Keeping a cyberattack secret helps nobody except the perpetrators,” Ms Gurga said. “We need aggregated incident data to help quantify. We need intelligence with individual attacks on a real-time basis so that all companies can defend themselves.”

She urged the insurance industry leaders in the room to “step forward”.

“Stepping forward means better defences,” she said. “Every company, every supplier and every employee must adhere to the highest security standards. Stepping forward means getting proactive.”

She said her organisation, the ABI, has launched a cyber-safety tool to help small businesses to assess their cyber-risk and receive tailored guidance on how to stay safe.

“Stepping forward means we must collaborate with the UK Information Commissioner’s Office and the National Cybersecurity Centre,” Ms Gurga said.

She said the ABI is at the forefront of such initiatives in the British industry.

“But evil doesn’t care where you are,” she said.

• Update: This article has been amended to clarify that David Burt characterised the recent government cyber incident as a “serious and highly sophisticated cyber attack” as opposed to a ransomware attack.