Certified Information Systems Security Professional (CISSP)


Dr. Matunda Nyanchama, PhD, CISSP


Dr. Nyanchama has more than 14 years of experience in Information Security. He has held several senior positions in various industries, including IT Services, Financial Services Sector, Consulting, Public Sector and Academia.

Dr Nyanchama has designed and taught university courses in Information Security, including in the Masters of Information Technology Security program of the University of Ontario Institute Of Technology (UOIT), Ontario, Canada.
Matunda is a regular speaker in ICT Security & Risk Management forums and conferences. 

Dr Nyanchama holds Masters and Doctoral degrees in Computer Science and a BSc in Electrical Engineering. He has presented on many information security subjects and written about information security metrics. He has published a number of security management papers, including co-authoring a chapter in the Information Security Management Handbook (5ed), a key reference guide for the CISSP exams.
Dr Nyanchama is also listed in the Who is Who in Black Canada, 2006 edition. He is an active member in the African Diaspora community and a featured speaker in a number of events. 
Core Competencies 
► Strategic Planning & Governance, Risk and Compliance 
► Information security management, consulting, operations and academic teaching 
► IT operations, service delivery and account management 
► IT planning and program management 
► IT risk management & Training 
► Security Operations Centre design, implementation & operations
Summary of Experience 

Information Security 
► Managed senior information security professionals: interviewed, hired, counseled, coached and mentored; facilitated training & development; reviewed performance and determined performance ratings; did compensation reviews; helped in the design of recruitment & retention strategies
► Managed IT security operations at a major bank: intrusion monitoring, ethical hacking, incident response and antivirus management
► Implemented an information protection centre (IPC) for IT security operations at a major bank
► Taught graduate courses in IT security and risk management
► Designed and implemented IT security strategy for a payment processing company
► Provided engagement delivery thought leadership & offerings development; supported sales principals in bid and proposals, customer presentations and client team planning sessions
► Worked with IT Services delivery team in proposing establishment of the contract and project support offices as a means of aiding contract/program delivery effectiveness

IT Service Delivery
► Managed a portfolio in managed IT services with key focus on account management, service delivery, service level agreement, business development, customer satisfaction & contract financial health; attained either satisfied or very satisfied levels in client satisfaction;
► Developed labour estimation tool to support sales, which reduced quote turnaround period from several days (as long as one week) to less than a day;
► Worked with clients to identify new opportunities based on customer business objectives; worked on new opportunities in excess of several million dollars over a 2-year period.
► Participated in delivery capacity model creation for labour & infrastructure for managed services to allow better understanding of costs, resulting in improved contract bidding process;
► Co-created transition to delivery road map that ensured sales requirements were well-transitioned to delivery; co-created troubled contract review process for managed accounts;
► Proposed engagement manager model in support of service delivery.



The Certified Information Systems Security Professional (CISSP) certification is a highly sought-after qualification by those making a career in IT security. Our CISSP Boot Camp course is an intensive, in-depth, training program that has consistently achieved over 97% pass rates in the final CISSP examination. Delegates can be assured of our unconditional "guaranteed pass".

Our delivery method uses internationally recognized mind-mapping techniques to help the candidate assimilate and "fix" new information rapidly and repeatedly into their existing body of knowledge. Each student will get a CISSP training kit, the most comprehensive training package available, including:

1. Our CISSP Manual

2. CISSP Self Study Material for after course training

3. Official (ISC)2 handbook


The goal of the course is to prepare professionals for the challenging CISSP examination by covering the syllabus defined in the (ISC)2 common body of knowledge.

Target Audience:

Experienced security professionals who want to expand their knowledge and gain an internationally recognized certification. Anyone with suitable experience can attend our course.


This course is not for beginners. Delegates should already have a working knowledge of IT Security. Note that even after successful completion of the exam, only those who can demonstrate 5 years of experience in 2 of the 10 domains will be granted the CISSP certification. Four years of direct full-time security professional work experience in two or more of the ten domains with a college degree would suffice, or there is a one-year waiver of the professional experience requirement for holding an additional credential on the (ISC)2 approved list. Others will be able to call themselves an Associate of (ISC)2 for CISSP Associate until they gain the 5 years of experience.

Course Synopsis:

The 10 CISSP Domains:

  • Information Security Governance & Risk Management
  • Access Control
  • Telecommunications & Network Security
  • Cryptography
  • Security Architecture & Design
  • Operations Security
  • Business Continuity & Disaster Recovery Planning
  • Software Development Security
  • Legal, Regulations, Investigations & Compliance
  • Physical (Environmental) Security


1. Access Control

-  Concepts, methodologies & techniques

-  Access Control attacks

-  Effectiveness of access controls

-  Identity and access provisioning lifecycle

2. Telecommunications & Network Security

-  Secure network architecture and design

-  Securing networking components

-  Secure communication channels

-  Network attacks

3. Information Security Governance & Risk Management

-  Align security function to goals, mission and objectives of the organisation

-  Understand and apply security governance

-  Security policies

-  Information lifecycle

-  Third party governance

-  Personnel security

-  Security training, education and awareness

-  Manage the security function

4. Software Development Security

-  Security in the software development lifecycle

-  Environment and security controls

-  Effectiveness of software security

5. Cryptography

-  Application & use of cryptography

-  Cryptographic lifecycle

-  Encryption concepts

-  Key management process

-  Digital signatures

-  Non-repudiation

-  Cryptanalytic attacks

-  Cryptography to maintain application security

-  PKI

-  Certificate related issues

-  Information hiding alternatives

6. Security Architecture and Design

-  Fundamental concepts of security models

-  Information system security evaluation models

-  Security capabilities of information systems

-  Vulnerabilities of security architectures

-  Software and system vulnerabilities and threats

-  Countermeasure principles

7. Operations Security

-  Security operations concepts

-  Resource protection

-  Incident response

-  Preventative measures against attacks

-  Patch & vulnerability management

-  Change and configuration management

-  System resilience and fault tolerance requirements

8. Business Continuity & Disaster Recovery Planning

-  Business continuity requirements

-  Business impact analysis

-  Business Impact recovery strategy

-  Exercise, assess and maintain the plan

9. Legal, Regulations, Investigations and Compliance

-  Legal issues pertaining to information security internationally

-  Professional ethics

-  Support investigations

-  Forensic procedures

-  Compliance requirements and procedures

-  Security in contractual agreements and procurement processes

10. Physical (Environmental) Security

-  Site and facility design considerations

-  Implementation and operation of perimeter security

-  Implementation and operation of internal security

-  Implementation and operation of facilities security

-  Protection and securing of equipment

-  Personnel privacy and safety

Register & Attend

Early registration qualifies for a 10% discount

Early-bird PASS

  • Main keynote speeches
  • 10% discount
  • Price per delegate


  • Main keynote speeches
  • No discount
  • Price per delegate





Don't miss the event!