Academy
Train to our standard
Courses, refreshers and self-tests built from the way we actually work. Start with the fundamentals; more is on the way.
Quantitative Foundations

Maths Refresher Series (Finance) Stable Level I
A six-module refresher in the mathematics of finance: calculus, linear algebra, probability, statistics and stochastic processes.

R: Statistical Computing experimental Level II
Statistical computing for people who must defend the number: the tidyverse for wrangling, distributions and inference, regression, and reproducible analysis and visualisation, the analytical companion to the maths refresher.

System Dynamics Stable Level II
An interactive System Dynamics course: fourteen runnable stock-and-flow models from the bathtub to tipping points, a causal-loop method primer and a graded readiness gate, in your browser.

Quantitative Research Methods experimental Level IV
Doing quantitative research that survives scrutiny: finding and vetting primary sources, building a dataset whose every figure is traceable, pulling signal from noisy and incomplete evidence, and defending both the data and the method when challenged. The research backbone behind a credible dissertation or analysis.
Data

Data Modeling experimental Level II
The shape of data before the query: entities and relationships, keys and normalisation, and when to reach for a relational, document or graph model. The foundation the rest of the track is built on.

SQL and the Relational Model experimental Level II
The relational model and its language, taught on SQLite: joins, aggregation, window functions, transactions and indexes, and reading the query planner so you know why a query is slow, not just that it is.

JSON and Semi-structured Data experimental Level II
Data that does not fit a table: documents and trees, JSONPath, validation against a schema, and querying JSON in place with SQLite's JSON functions, where the relational and semi-structured worlds meet.

Graph Query with AdaGQL experimental Level III
Querying a graph as a graph: nodes, edges and paths, pattern matching and traversal, on the CCI GraphDB with AdaGQL, for the questions that joins answer badly.

Cubes and OLAP experimental Level III
Data arranged for analysis: dimensions and measures, star schemas, roll-up and drill-down, and the OLAP operations that turn rows into a picture a board can read.

Storage Engines experimental Level IV
How a database actually works, the capstone: B-trees and LSM trees, the write-ahead log, multi-version concurrency control and the buffer pool, building the engine that SQL and AdaGQL run on top of.
Networks and Telecom

Telecommunications and Data Communication experimental Level II
From the Chappe optical telegraph to modern links: signalling, modulation, multiplexing, error control and the layered stack, traced from first principles to today's networks.

IP Networks and Routing experimental Level II
How packets find their way: addressing and subnetting, the routing table, OSPF and BGP and failure modes, explored on an interactive topology you can break and repair.

Optics Primer Series Stable Level II
A twelve-module optics primer, from first principles to all-optical logic gates: interactive labs (interference, diffraction, waveguides, gates), graded tests and a fifteen-language hub, in your browser.

Secured Data Transmission experimental Level IV
A doctoral (Level IV) capstone on secured data transmission: jamming, key ceremonies and multipath mapped to the CIA triad, then traced from the ATM-versus-IP control-plane wars through SDN and segment routing to programmable silicon, all on a homegrown in-browser network emulator.
Systems

Digital Logic and Gateware experimental Level I
From the transistor to a working processor: logic gates, Boolean and multi-valued logic, and the full FPGA gateware flow, in a browser testbed that builds lab by lab to a synthesised CPU running a real program.

Computer Architecture Stable Level II
An interactive MIPS16 study tool: instruction set, assembler and emulator, in your browser.

Operating Systems experimental Level III
From the bare metal up: processes and threads, virtual memory, schedulers, file systems and system calls, taught against a small interactive kernel you step through in your browser.

Compiler Design experimental Level IV
How source becomes machine code: lexing, parsing, abstract syntax trees, type checking, intermediate representations and code generation, taught through an augmented, idempotent B compiler written in B that you extend stage by stage.
Security

Offensive Systems Security experimental Level I
Seeing memory and control flow, then bending them inside a sandbox that never touches your machine: a foundational, defensively framed offensive-systems course where exploitation is demonstrated and contained, not just described.

Security Architecture and Engineering experimental Level II
A system is a graph of trust boundaries, and you defend the graph: model an architecture, place and wire components against a brief, machine-check the security invariants, then survive an injected constraint you did not design for.

Silicon-rooted Security experimental Level III
Down from software abstraction to gates, datapaths and buses: add a security opcode to a RISC-V-class core, build a gateware cipher, protect the bus, root trust in hardware, model the attacks, and verify a security property in simulated silicon.

Systems Security experimental Level III
Defence in depth as engineering, not slogans: privilege, isolation, threat models, memory safety and exploit classes, with labs that attack and then harden a deliberately weak system.

Cryptography experimental Level III
The mathematics that makes secrecy provable: modular arithmetic, symmetric and public-key schemes, hashes and signatures, building each primitive from first principles.

Reverse Engineering experimental Level III
Taking software apart to understand it: disassembly, calling conventions, static and dynamic analysis and binary patching, practised on small targets in a browser sandbox.

Detect, Respond, Forensics experimental Level III
What to do when prevention fails. Telemetry and detection engineering, triage and containment, memory and disk forensics, and timeline reconstruction, practised on a breached system you must scope, evict and explain.
Cyber Threat Intelligence experimental Level III
The intelligence cycle applied to the cyber domain: threat actor profiling with the Diamond Model, the Cyber Kill Chain and MITRE ATT&CK, analytic tradecraft under uncertainty, sharing formats and platforms, and closing the loop from intelligence into detection engineering.
Web and Mobile Security experimental Level III
From a static document viewer to a scriptable, sandboxed, cellular-connected attack surface: browser process isolation, modern web runtimes, the WebRTC privacy leak, mobile OS security, telemetry, zero-click exploitation, and the baseband and SIM Toolkit layers beneath it all.
Cyber-Physical and OT Security experimental Level III
From the Purdue Model to the shop floor: SCADA, ICS and PLCs, a source-checked history of incidents, IEC 62443, and the case for physical segregation, closing the CyBOK Cyber-Physical Systems gap.

Secure Development at Scale experimental Level III
Security that survives a thousand applications: threat modelling, secure SDLC, supply-chain integrity and policy as code, mapped to the pipeline and graded against real review gates.

Formal Methods experimental Level IV
Specifying systems and proving them correct: model checking with SPIN and PROMELA and specification with TLA+, producing the kind of evidence a Common Criteria evaluation expects at the higher assurance levels.
Adversarial ML and GenAI Security experimental Level III
Attacking and defending the model, from the classifier era to the agentic one: evasion, poisoning, extraction, prompt injection and agentic risk, disciplined by a light AI governance and assurance thread.
Distributed Systems Security experimental Level IV
Consensus, Byzantine fault tolerance, clock and event-ordering attacks, and blockchain security, from Lamport's 1978 logical clocks through Paxos, Raft, and Practical Byzantine Fault Tolerance to Bitcoin and SUNDR, benchmarked against MIT's current 6.5840 and 6.852J, with Plan 9 and Inferno as a contrasting historical case study.
Scams and Social Engineering experimental Level II
The ontology, psychology and history of scams and social engineering, dissected through real incidents from RSA to MGM Resorts, with a portable framework and role-specific teaching guidance for boards, treasury, engineers and front-of-house staff.
Technical Countermeasures to Social Engineering experimental Level III
Technical countermeasures against social engineering and scam delivery: Bayesian and rule-based filtering, email authentication, AI-based detection and voice-channel anti-fraud controls, reported in board-legible governance terms.
Governance and Assurance
Implementing Regulations atop an ISMS experimental Level III
Building one ISO/IEC 27001 information security management system and mapping it across NIS2, DORA, the Cyber Resilience Act and France's LPM: one management system, four regulatory views, defended in a simulated certification audit.
Governance, Risk and Audit experimental Level II
Security governance as a program, risk as a lifecycle and information systems audit as a method: one taught spine with CISA and CRISC views, practised against CCICCS's own artifacts.
Data Privacy Law and the Data Protection Officer experimental Level II
The history and comparative law of the privacy right, from its 1890 common-law origin through the General Data Protection Regulation, the Californian, Indian, Malaysian, and United Kingdom statutes, to the Data Protection Officer role and the unresolved Chat Control 2.0 encryption-scanning debate.
Venture

Digital Brand and Demand experimental Level II
Marketing a venture like an engineer: turning a persona into a qualified lead as a measurable system. Brand and message, a usable and well-crafted site, the social and search channels that feed the funnel, and the attribution that proves what actually worked, taught against the canon the web itself is judged by.

Entrepreneurship experimental Level III
Building a venture like an engineer: problem-solution fit, unit economics, competitive strategy as game theory and fundraising, worked through a running case study of a fictional startup, Acme, from first idea to term sheet.
Digital Marketing for Cybersecurity Vendors experimental Level II
Digital marketing for cybersecurity vendors, treating artificial intelligence as a tool inside the discipline rather than the subject itself, from decision-committee mapping through campaign mechanics, AI-assisted content, quantitative marketing analytics, AI ethics for regulated buyers, and a real capstone marketing plan.
AI
AI Foundations: From Zero to a Self-Trained Model experimental Level I
From the perceptron to a self-hosted, tool-using model you built, trained and run yourself: a foundational course covering AI and machine-learning fundamentals, home-lab hardware, local model serving, voice, the open-weight model landscape, automation and a capstone that fine-tunes and deploys your own specialised model.
No-Code and Agentic AI experimental Level II
No-Code and Agentic AI: design, evaluate, and govern AI-driven workflows, from clustering and regression through large language models, retrieval-augmented generation, and multi-agent orchestration, without writing a single line of code.