The threat and sophistication of cybercrime is only growing so defence and protection is a must, a recent WMA conference heard.

Information security needs to be addressed as a board-level issue, said “ethical” hacker Mustafa Al-Bassam at the Wealth Management Association’s recent conference on financial crime.

Al-Bassam is an ex-member of LulzSec, a group of British hackers that claimed responsibility for several high profile cyber attacks on targets including News International and the UK's Serious Organised Crime Agency in 2011. At the conference last week, he stressed that cybersecurity should be “deeply embedded into a company's culture” to be taken seriously and make people aware of the capabilities of the digital world.

“Once you understand the risks, you can better protect yourself. Social engineering is a big risk – while cybercrime is often seen as a computing technical issue, it is truly a human-to-human problem,” he said.

Recent years have seen a string of financial institutions fall prey to elaborate hacks. In 2014, JP Morgan became a target, with the accounts of over 76 million individuals affected and user contact details compromised. In November 2015, three men were charged for the attack. And in a reminder of the threats posed by today's age of online banking, HSBC internet banking went down at the hands of hackers on Friday though the bank confirmed that no customer details were compromised.

Financial crime costs the UK economy £52 billion ($74 billion) yet the vast majority of these crimes go unreported, noted James Phipson, commercial director of the Economic Crime Directorate at City of London Police, speaking at the conference. The National Crime Agency advised it had set up a Joint Money Laundering Intelligence Taskforce to share intelligence between the police and financial services institutions and WMA chief executive Liz Field announced that the WMA would continue to work with the City of London Police, the National Crime Agency and wealth management firms to tackle the rising threat and help protect clients.

Highlighting the rising importance of cyber risk is the Bank of England's systemic risk survey. In the first half of 2013, only 1 per cent of firms deemed cyber attacks to be a top five risk to the UK financial system, according to the survey. By the second half of 2015, this had grown to 46 per cent and almost a third of respondents found cyber attacks to be one of the most challenging risks to manage, behind risk of an economic downturn (34 per cent) and risk of financial market disruption (34 per cent).

A recent report by Aite Group further echoed Al-Bassam's calls for action, spotlighting the role of cyber-resilience – the ability to identify, respond to, and recover from information security breaches.

“Cyberbreaches threaten to break the trust between financial institutions and their customers,” said Will Woodward, analyst on Aite Group’s institutional securities and investment team. “The attacks faced by financial institutions are dynamic and evolving, so firms’ approaches to cybersecurity should also evolve and constantly develop.”