Toward the end of last year, the UK's National Cyber Security Programme passed its second anniversary. It's no surprise to find the UK in the vanguard when it comes to cyber security, especially because British businesses earn on average 20% of their income online. It's in everybody's best interests to maintain the UK's position as one of the safest places to do business in cyberspace. That's one of the major reasons why we created the National Cyber Security Programme and backed it with more than $1.4 billion in government funding.
In its first year, the programme focused on understanding the problem. Threats in cyberspace are growing: over the past year, some 93% of large companies (and 87% of smaller ones) reported a cyber breach. Understanding these threats, and being able to detect them, was a vital first step. The programme's second year mainly centred around partnerships--with industry in particular, but also with universities and international partners.
With awareness of cyber issues now more widespread than ever before, we wanted to gauge how seriously company boards take cyber. The UK's top six audit firms carried out a cyber health check for companies listed on the FTSE 350 stock market. Participants got a free, confidential assessment of their performance and a comparison against their peers.. In return, the government received an overall report showing (without identifying individual companies) the FTSE 350's awareness of cyber issues and preparedness to deal with them.
Alongside this, we partnered with business to develop a set of criteria for good cyber health. This will give companies a clear standard to aim for. And if they meet the standard, they will be able to advertise on that basis in order to attract clients. Similarly, many businesses that supply the UK government with cyber security products and services will be allowed to state publicly that they are government suppliers. These measures should give businesses a powerful incentive to keep themselves and their customers safe online.
In 2013, Britain continued to beef up its efforts to combat the cyber threats themselves. In October, the new National Crime Agency came into being. It includes a specialist National Cyber Crime Unit, dedicated to fighting the most serious cyber criminals. On the military side, the Ministry of Defence set up a Joint Forces Cyber Group in May.
The Cyber Security Information Sharing Partnership--a trusted forum for law enforcement, the security services and industry to share up-to-the-minute information about cyber threats and how to combat them--continues to flourish, and is expanding to include smaller businesses and cover more sectors.
Our efforts to build up the UK's cyber security sector mean that we will need more people with the right skills at every level in the workforce. We are working with businesses, schools and colleges to make that a reality. We are developing teaching materials and funding internships and apprenticeships. A new cyber skills course at the Open University could eventually reach some 200,000 students. By helping set up new Academic Centres of Excellence and Research Institutes, we are supporting research that will strengthen our national infrastructure. And we are partnering with scholars from the elite Chevening, Commonwealth and Marshall programmes to give them expertise to take back to their home countries and boost the UK's reputation as a hub for cutting-edge cyber research.
As well as a highly skilled workforce, we will also need people beyond the digital sector to be more conscious of cyber issues. That's why we are investing in major awareness-raising campaigns, targeted respectively at the general public and at small businesses.
We achieved a great deal in 2013, but there is of course much still to do. In 2014 we look forward to weaving these strands into an ever-stronger web of cyber security.