
MILE2 - CISSO

The C)ISSO course/certification has been validated by the NSA for: CNSSI-4012, National Information Assurance Training Standard for Senior System Managers and NSTISSI - 4011, National Training Standard for Information Systems Security (INFOSEC).

The C)ISSO course is designed for a forward-thinking cyber security professional or consultant who manages or plays a key role in an organization's information security department. The C)ISSO addresses a broad range of industry best practices, knowledge and skill sets expected of a security leader. The candidate will learn both the theory and the requirements for practical implementation of core cyber security concepts, policies, practices, monitoring and compliance. Through the use of a risk-based approach, the C)ISSO is able to implement and maintain cost-effective cyber security controls that are closely aligned with business requirements.

The Certified Information Systems Security Officer was a direct initiative of the DND - Department of Defense of Canada in cooperation with the DOD - Department of Defense of the United States. It is defined in this dual initiative titled CANUS CDISM MOU - ID#: 1974100118 found at:

Details :

In the CANUS CDISM MOU it states the following:

A. The CDRSN National Information System Security Officer (ISSO) is the focal point for all security issues pertaining to this network.

B. The Director Information Management Security (DIMSECUR) is the DND authority for security assessment of the CDRSN, including the approval of Interim Authority to Process (IAP) and Authority to Communicate.

With these initiatives in mind, Mile2 created a certification for the ISSO called Certified ISSO.

"The Certified Information Systems Security Officer training and certification program prepares and certifies individuals to analyze an organization's information security threats and risks, and design a security program to mitigate these risks. ISSOs will be proficient in risk analysis, risk mitigation, application security, network security, operations security and business continuity."

Whether you are responsible for the management of a cyber security team, a Security Officer, an IT auditor or a Business Analyst, the Certified Information Security Officer – C)ISSO course is an ideal way to increase your knowledge, expertise and skill.

The C)ISSO course, and subsequent examination, is the most up to date, practical and effective program available in the world today. The C)ISSO program is closely aligned with the leading standards of ISO27001, NIST, CISM® and the 2012 CISSP® CBK® exam objectives. But it excels by providing a well-rounded and comprehensive overview of each topic area without being restricted to a single model or conceptual approach.

The C)ISSO course focuses on information systems security, not information technology security. The fact is that many participants are technological experts in their own right, be it in network operations, storage management systems, database administration, etc. They don't need to be told what an MPLS network is, or the advantages of fiber over copper coaxial, etc. What they do need is a mind-set change.

How to think 'big-picture' instead of 'vertical silo'.

How deep principles within each domain interconnect into a whole.

How to view an area of responsibility through the lens of risk management.

How to perform a threat and risk analysis.

How to derive a residual risk position for your department, enterprise or client, while articulating the same as an organization, issue-specific or system policy, with advisory, regulatory or cyber security goals.

How to implement this policy through the right mix of physical, administrative and technical controls, while performing one or more of the six control services in a defense-in-depth enterprise security architecture.

The C)ISSO content is delivered within a proprietary 'Theory, Technique, Tool' delivery framework via a proprietary 'Discuss, Demonstrate, Do' action learning model. The 19 domains are full of theory, policies, practices and procedures.

Take relational databases for example. Theoretically, a database must be normalized to at least 4 (out of 5) normal forms to qualify as a relational database. This is the minimum level of consistency required to yield the functional benefits of the relational model for data organization. But no vendor has ever complied with this theoretical principle, as the performance overhead required to do so is too high. Understanding the differences between relational database theory and the techniques used by vendors to develop their products (tools) automatically explains 80% of the constant vulnerabilities we see in commercial and government databases.

This knowledge leads to a logical choice of compensating deterrent, preventive, detective, recovery, and corrective controls to govern access to relational data repositories. Mile2 is able to create learning labs where the theory is discussed and the techniques demonstrated, with participants actively exploring (do) the 'vulnerabilities-within-the-gap', as well as the natural, man-made and/or technical threats that can exploit these vulnerabilities. Participants work through the resulting non-disaster, disaster and/or catastrophic impact levels and the likelihood thereof, and select the right mix of controls to mitigate these risks.

Thousands of students from around the world have actively learned the risk management mind-set by taking this Mile2 C)ISSO course.

COURSE DETAILS :

Module 1: Risk Management

Module 2: Security Management

Module 3: Identification and Authentication

Module 4: Access Control

Module 5: Security Models and Evaluation Criteria

Module 6: Operations Security

Module 7: Symmetric Cryptography and Hashing

Module 8: Asymmetric Cryptography and PKI

Module 9: Network Connections

Module 10: Network Protocols and Devices

Module 11: Telephony, VPNs and Wireless

Module 12: Security Architecture and Attacks

Module 13: Software Development Security

Module 14: Database Security and System Development

Module 15: Malware and Software Attacks

Module 16: Business Continuity

Module 17: Disaster Recovery

Module 18: Incident Management, Law, and Ethics

Module 19: Physical Security
