Cyber Essentials Certified

Job Slot

Short term contract available

The Institution is supporting this Government initiative and via one of our partners, a Business Development Consultant contractor position has arisen.

A need has arisen on the UK Cyber Security Council Formation Project (the project) for a clear Strategy and Value Proposition for the Council. Therefore we are recruiting for a Business Development Consultant as a Contract position up to 60 days work at £700 per day.
The project is a Government initiative, funded through the Department for Digital, Culture, Media, and Sport (DCMS), being delivered by the Cyber Security Alliance, of which CIISec is a member, under the leadership of the Institution of Engineering and Technology. CIISec is running two of the workstreams.

This consultant will be critical in establishing the income for the Council from organisations and entities who would join as Members and Associates/Affiliates, as well as setting out the strategy for the Council in its first few years. 

We attach a role description and suggested format of the deliverable, as this shows the scope of the work required.

If you are interested in applying please send your CV and a covering letter to

Please note that the closing date is 20th July 2020

We also welcome those outside of CIISec membership to apply so please feel free to share this email with any colleagues or friends that could be suitable for this role.  

UK Cyber Security Council Board

The Institution has been involved with the Cyber Security Alliance and has been working with our partners to create the Cyber Security Council, the Formation Project is now in a position to advertise for the first three Trustees of the UK Cyber Security Council.

The advert for the first Trustees of the UK Cyber Security Council is now live at .

Compealing Skills

“… for the first time, I saw that programs could be more than just instructions for computers. They could be as elegant as well-made kitchen cabinets, as graceful as a suspension bridge, or as eloquent as one of George Orwell’s essays.”

In the third part of this series on Compealing Code, Paul Lynham covers some of the skills required to achieve this goal.


Margaret Sale, 1932–2020

I am sad to say the Margaret Sale died recently. She and her husband Tony were instrumental in saving the Bletchley Park site and helped to create what is now the country’s most important museums for WW2 code-breaking. Made famous through various films and life stories of Alan Turing.

She and Tony also worked tirelessly with the National Computing Museum (on the same site as Bletchley).

Tony Sale (Left) with the then President of the IAP Jim Bates and his wife Jo

I was fortunate to have met both of them, Tony, when he gave a presentation to an IAP Symposium, and a few years ago I was at the NCM and had an interesting chat with Margaret about the computing museum.

COBOL Developers Are Not Extinct

COBOL Graphic

The Governor of New Jersey had put out a plea to COBOL developers to volunteer to support the states aging computing systems.

In an article in The Register he explains that the 40 year old Benefits system relies upon this code and is struggling with the amount of applications being made.

While asking for volunteers, he may need to ask for retired or semi-retired developers to come back to work.

It does raise the question of technical debt, but it also shows that while an aging language COBOL was literally a Business Programming language and is still relevant today.

While COBOL is still available and indeed has several Windows and Object Orientated versions, many companies and organisations have been converting, rewriting from scratch, even redesigning systems to move their old coding real estate to modern languages. Although often the database stays the same.

It is a shame, that as this need arrives, contract developers in the UK and around the world cannot travel to the USA to offer assistance for this task due to the current travel restrictions.

Grace Hopper PhotoGrace Hopper who’s work gave rise to the COBOL language in 1959, would if she was still alive probably have a wry smile today at the longevity of her creation.




Are you a COBOL or software developer? how are you coping with the current self-isolation directives? Please let us know.

A Further Look at Complealing Code

Paul Lynham FIAP continues his voyage on Compealing Code in a series of articles about improving source code to improve software.


Code City

As a software developer of the best part of 40 years, I have developed everything from games on 1970’s computers, through to largescale financial systems and everything in between.

The consistent things I have seen are employers and project managers wanting it all done yesterday and ahead of budget. This of course is understandable but I question the long term effect on the business and on occassion the sanity of the developers left to pick up the mess.

Writing a computer programme is like building a house, quite often a single programme will be part of a far larger suite of programmes to run a series of predesignated but interconnected tasks.

Within a company several sets of unrelated suites of programmes will run, sales, purchasing, accounting, building management, heating controllers etc.

So coding is a lot like bricklaying, you are building a foundation that will serve the company well. The suites of programmes are like a street of houses and the company is the city.

This is all fine when it is first built, like a house there may be teething issues and the builder has to fix a leak or some other error, just as wehn a programme when it is run may uncover a bug or two after it has gone life, even after testing.

Now later down the line, the code like a house may show signs of wear, amendements have been made and the programme no longer does what it was designed for, similar to my own house where we had more children, converted the loft and added an extension. Later my children left home just as the computer programme may no longer actually serve it’s original function because that bit of business is no longer done.

From experience a few years ago I had to write new code and amend existing code to process the Child Trust Fund a Government initiative to get parents saving for thier children. Lots of work for the team I was with at the time. Change of government a few years later and the scheme was scrapped. So now this code is still embedded in all the systems that are running every day and because it is easier to leave it in than remove the code, the whole suite of programmes is probably still running today.

I worked for an insurance software company for a few years managing one of their insurance quoting products. Hundreds of bugs in the bug folder (yes on paper) and over a 12 month period I go the bugs down too a couple of dozen. One thing I noticed was the time it took to quote for a person (who would be sat in a Independant Financial Advisor IFA) over 2 mintes for 60 individual companies quotes. By now I had a good idea of the system and one day printed out the main quote code, laid it out and analysed it. After a day or so I realised that a lot of duplicate code was present and I also could see that if I rewrote certain chunks of the code it would a) read better b) be more logical. out of 85 pages of code, I removed 30 pages. When the programme was run the next time the quotes took 22 seconds.

So what do we get from this?

Well as a product manager I had the authority to do as I wished with the code. I was able to prioritize and allocate resources. I did what a modern house builder does, I went in knocked down the walls and made a more usable space. I removed everything that was extraneous and I could have rewritten the code from scratch.

Like a City, sometimes when a district or street becomes dilapadated, developers will come in and flatten everything and rebuild using the latest more effecient building techniques. Sometimes (probably more often) comapnies should look at thier software real estate and allow the developers the time to remove the junck, rewrite if neccesary, even a whole suite.


Code that has been continuely amended over a long period of time is like a house that has been maintained for years, that is full of cracks, damp, floorboards that creak as they gently rot under your feet.

It needs to be repaired, or better still clear it out and rewriite. It will be easier to read, easier to support and probably run more effeciently, faster code means cost savings.

In addition you could take the opertunity to upgrade to a newer coding platform. There are still billions of billions of lines of COBOL and Visual Basic out there. I know it still runs but modern languages running on 64 bit platforms generally offer but functionality than those languages that come before.

As a devote of VB6, I took the plunge and had a programme o convert much of that software estate to .NET, I also found about 30% of the programs we had, were no longer used, so were not converted.

As a developer who did overnight support, the last thing I wanted was to trace through code at 3am trying to find a bug. Then having to patch it and finding the next day my manager saying leave it in, more damage to the system.

As a manager, I could see that an expense now, may seem unneccesary but in the long term would save money that outways the cost and of course your software teams sanity.

STEM 2020

STEM is a curriculum based on the idea of educating students in four specific subjects:-science, technology, engineering and mathematics.

To make the subjects more relevant than individual lessons they are taught by integrating them into a learning programme based on real-world applications.

The programme in the UK is a partnership between many organsiations including the Government, charitable trusts and employers.

While the Institution is not directly involved in STEM 2020, we know that some of our members and thier companies are. In addition we know that some of these projects will require software and in so doing the next generation of software developers are being created.

Many organisations like the Daily Telegraph are running competitions for best projects and with the world looking at environmental issues, we are sure some exciting projects will be seen.

If you are involved with STEM 2020 and have some further insight or would like to share your experiences with us, then give us a call.

Compealing Code to Improve Software

Paul Lynham FIAP presents another article in a series of articles about improving source code to improve software.


Testing the Limits

In 2000 the Post Office introduced a new accounting system ‘Horizon’ to manage all its branches. Over the next few years hundreds of sub-postmasters/postmistresses were prosecuted for theft, fraud and other charges as the system identified money was missing from the accounts.

Many of these people went to prison, even a pregnant woman and others had their lives ruined. One man even committed suicide.

The Post Office a bastion of trust with the UK population in court said the system was correct and it was the sub-postmasters/postmistresses that were the criminals.

Over the last few years cracks began to show, a report by Second Sight specialists in fraud investigation who were brought in to vet the system for the Post Office and give it a good bill of health, highlighted its flaws and said the system was not ‘Fully Fit for Purpose’. Documents that would have showed accounting errors were hidden by the Post Office and then they produced a document to counter Second Sights report.

Finally after many years over 550 former sub-postmasters/postmistresses have brought a class action against the Post Office and it has been shown how bad the system really was.

This week the Post Office has finally settled the action by paying out £58 million to pay the claimants.

The real cost here though is the people who went to prison and have lost their livelihoods, homes, lives, friends and family. These people will have the long task now of getting the prosecutions overturned and pardoned, but that will not stop the prejudice against them when looking for jobs.

What went wrong?

As someone who worked on financial systems for many years, I suspect flawed testing and management pressure to deliver the software into production was a primary problem. If it works and the system errors are low, then release it. We can fix any shortfalls later. This is not uncommon in the business world but can be a minefield further down the line (Companies like Microsoft have operated like this for many years).

If we has system discrepancies we would run the systems through, re-processing the data we had in a test/debug environment and see if we could

  • a) reproduce the error
  • b) identify the point it would go wrong.
  • c) fix it
  • d) test it (including all the previous testing)
  • e) release the new version to production.

It should have been obvious to the Post Office management that they would not suddenly have that many fraudsters on their hands and it should have raised a red flag about the Horizon system. Of course if they knew that this number of fraudulent sub-postmasters/postmistresses is/was the norm then the Post Office must be in really bad shape.

In this case the Post Office were almost Judge, Jury and Executioner, they could bring prosecutions without referral to anyone like the DPP, their evidence was of their own making and some people have said the evidence was a a fabrication.

It’s important here that people are aware that computer systems are fallible and that incidents like this should not immediately make you think that your local retailer is a crook, they maybe, but proper systems, procedures and controls need to be in place to insure impartiality.

The Institution of Analysts and Programmers is working hard ‘Improving Software for Society’ with schemes like FURST and our Academic Partnerships. It is difficult when large organisations do not even follow the basics of software development practice.

The moral here is to TEST, TEST, TEST and then TEST again! and trust your end users, they are usually annoyingly right.