MoD Information Technology and Lessons for Acquisition

It is no secret that the MoD has had a long history of complicated, incompatible and costly IT systems that have resulted in real operational problems. When the MoD has an IT problem it means for example, stores failing to arrive in time for frontline users.


Logistics Lessons Learned


Software, networks, software, devices, software and networks!

This makes the MoD’s ICT capability so vitally important.

After a brief period with a ‘temp’ the MoD appointed Mike Stone as the new Chief Information Officer in May last year. If you look at Mike Stone’s Wiki page it is clear he has a deep well of experience from which to draw but what is so refreshing and gives me much hope is is willingness to shake things up. A few months into his new job he had defined an innovative programme and recognised all that was wrong with DII. In a blog post on the MoD’s site he said;

Last week I set out to those in Defence my vision for 2016 in which users will have information capabilities that are tailored to their mission, location and role, accessed at the right time, through a choice of devices over a cost effective, modern and adaptable infrastructure.  For non-sensitive, everyday work we will adopt commercial standards and security arrangements.  As proof of intent, and in order to deliver real benefits up front, I also announced details of 30 specific improvements that we will deliver between September 2014 and March 2015, including better access to the internet, quicker logon and logoff times, access to social media and more flexible mobility solutions using WiFi

Joining Mike Stone as CTO was Madhu Bhabuta, the former CIO of the UK Hydrographic Office.

The MoD has started to move to Office 365 and in conjunction with the Centre for Defence Enterprise (CDE) started to look seriously at open source analytics, the key being open source.

Traditionally the MoD has been cautious of adopting emerging and unproved technologies. However, we need to adopt these freely available capabilities and services now,

Of course, words are easy, and anyone with any experience of these things would get a sense of Deja Vu, but what caught my eye a few years ago was a story in Computerworld about the latest IT initiative called ‘Defence as a Platform’ which is seeking to unify the overall IT architecture.

Are you bored yet?

OK OK, the point of the post.

In the article, Mike Stone described how he had not yet been able to achieve its aims because of cultural issues at the MoD.

Stone told techUK delegates he has not been able to achieve his aims as quickly as he wanted since joining the MOD in May 2014, largely as a result of “cultural torpor” within the department. He also pointed to restrictive procurement policies and a “lack of suitably qualified and experienced people” as factors holding back his ability to implement changes. He said 58 percent of ISS staff are aged over 45. “The way we’ve outsourced in the past means we have abrogated design.

Does any of this sound familiar; cultural torpor, restrictive policies, lack of skills and experience and the abrogation of design to outsourcers.

Exactly the kind of issues that have bedevilled DE&S, the lack of design and integration skills and experience within the department.

But what is Mike Stone doing about it; further market testing, further outsourcing and strategic partnerships?


I want to in-source a lot of capabilities to make us masters of our own destiny and stand up our own design authority, with an architectural direction of travel

The commercial world is moving back from outsourcing, realising the value of having expertise and experience in house.

The MoD’s CIO has realised it, wonder when the CDM will?










Newest Most Voted
Inline Feedbacks
View all comments
July 15, 2015 7:09 pm

Given that Bernard didn’t mention it in his report, its difficult to see that happening. Especially when there might be some nice fat directorships for when he retires later this year…

July 15, 2015 7:51 pm

Somehow I don’t see a return of the various research establishments. I don’t think the MOD has yet finished with its mania for outsourcing everything it possible can. After all it saves money, Doesn’t it!

Dangerous Dave
July 15, 2015 9:00 pm

I would have hoped for better platforms and tools than Microsoft Office365 and WiFi. Both of those have adequate risk to benefit profiles for a commercial enterprise, but for MoD, who carry data with a much higher security risk, the well known security exploits on these systems must mean there is much more risk and much les benefit in the profile. Especially if the “bread and butter” networks using Office365 and WiFi are bridged to the more secure ones (as they will because, y’know, we *all* want to access our emails at *any* time!).

I would have thought that Open Source solutions like OwnCloud where the source code can be inspected, patched and (if necessary) modified in-house would be a more secure option. Especially with physical security (you own and control the location of the cloud servers). For wireless communication, then WPA2-enterprise with Radius servers and a curated list of trusted clients is the best in the public sphere. Even using Open Source ROM based OS’s for the WAPs is an option – especially if it’s kit sourced from China! But still, do the MoD have the skills to do all this effectively or will we be hearing about a British OPM-style scandal?

Dangerous Dave
July 15, 2015 9:11 pm

And before anyone comments – yes what I’ve described is the sort of “eggshell” security that true IT Security experts frown upon. You have to have routed networks, be implementing OSI level 3-5 security technologies and be tracking packets and hosts on the LAN/WAN. I didn’t mention that stuff because I’m just a School sys-admin who’s most secure data is the Staff Apraisal comments, and not an IT security guru!

Slightly Agricultural
Slightly Agricultural
July 16, 2015 7:56 pm
He said 58 percent of ISS staff are aged over 45.

No kidding, the average age is the wrong side of 50. Bearing in mind, this is one of the hubs of MoD IT and where a lot of the procurement and planning is done. Yet there is a complete dearth of ‘young’ people.

I wouldn’t underestimate the effect of putting such a hub at Corsham. For a young person, that is not an attractive location to live (cramped & expensive Bath, or Chippenham) – so why would they want to work there compared to a big city like Bristol? I know personally several people who have…avoided (refused is a touch strong) taking up posts there for this reason. It’s a very nice (expensive) site; they just built it in the wrong place.

I also don’t think social media and WiFi are really all that high on anyone’s priority lists, MoD is not your average business and there are very good reasons for not doing those things – as Dangerous Dave has pointed out!

I think most people would settle for a newer computer and software from this decade.

A Caribbean Perspective
A Caribbean Perspective
July 16, 2015 11:48 pm

Ahem, what has 50 got to do with it? Surely it”s more about attitude and creativity? Something that is more of a problem in a civil service type environment than in the private sector, perhaps.

July 20, 2015 1:04 am

“Does any of this sound familiar; cultural torpor, restrictive policies, lack of skills and experience and the abrogation of design to outsourcers.”

Might like to ask about the retention rate of those who completed the dis (MSc) course at RMCS. (I did just over 3 yrs)

Dan (Kable)
Dan (Kable)
July 21, 2015 8:38 am

I should have jumped on this earlier, you guys don’t often discuss defence ICT. I know it doesn’t compare to the joys of mexflotes! :) Anyhow, did some digging and the MoD confirmed a new ICT strategy is on its way later this year. Write up is here

P.S. Obsvr, that’s a really good question re: retention rate of the master’s course. Will probably put in an FoI for that.