Certified Threat Intelligence Analyst – Cyber Intelligence Tradecraft Certification Training

We proudly present a Cyber Intelligence Certification Training Online Course conducted by Treadstone 71

The online courses are instructor video and audio recorded with periodic direct interaction with the instructor via online web meetings. The instructor will have standard office time for question and answer as well as regular access via class Cyber Intelligence Tradecraft – Certified Threat Intelligence Analyst email and other messaging options.

This course provides definitive sections along the intelligence lifecycle that are in-depth, aligned to DoD instructions such as the Joint Publication 2.0, DoDI 3305.13, and 3305.02. Following the intelligence lifecycle as defined by the US intelligence community and DNI (dni.gov), students are required to demonstrate understanding and use of OPSEC, collection methods using defined targets and target case studies, understanding and applying analytic techniques, when and how to use analytic techniques and analytic types, and delivery analytic writing products.

Using direction from Sherman Kent and analytic methods from Richards Heuer, students are presented case studies for analysis, required to use tradecraft methods, and provide written reports in standard analytic format. Students are also required to orally present their deliverables to the class. Students leave this course with the tools, methods, and understanding necessary to enhance intelligence programs.

This course is highly specialized following intelligence community tradecraft. You will not get this at SANS or anywhere else. If you want purely technical, then this is not the course for you. If you want tradecraft that lays the foundation for a solid program, education that creates a lasting impact, then this is the course for you.

CPE Credits Earn 40 CPE (Continuing Professional Education) for attending this training. Please request a confirmation.
Location Online
Date of Event 10th July – 12th September 2020
7th August – 3rd October 2020
3rd October – 28th November 2020
7th November 2020 – 9th January 2021
5th December – 30th January 2021
Language English
Participation Fee CHF 5’090.–
How does the course run?
The Cyber Intelligence Tradecraft Certification online course is geared to accommodate times for students globally. Meaning, office hours for discussions, questions/answers will vary weekly from 6AM Eastern Time to 6PM to 9PM (as examples) Eastern time based upon locations of enrolled students and the requested need for those hours.

Recorded lectures will be available weekly for students to review. Lectures are followed by individual and team exercises that focus on Case Studies and online research cover the 8 weeks of the course.

Normal time spent per week is from 5-6 hours. The office hours are live and not required but available should students have questions. Students may also contact the instructor directly via phone, text, Cyphr, Wickr, Signal, SLACK, WebEx, Skype, etc., should they have out of band questions. In addition, there will be an online forum for online Q&A.

  • Within one-week of course start, students receive email instructions on Dropbox access to course files, paid access to a VPN, access to downloads and installations including browser extensions. Students also get information on course books we provide through the Amazon Kindle App.
  • Access to the course is via our portal at Teachable.com

The online course is the same in all aspects as the in-person course but for one area. The online course provides even more content over anywhere from 8 to 12 weeks. Same content, same books, etc. We just start and finish on a Saturday.

Office Hours:
These are much like college office hours for Q&A. We may hold a lecture or 2 that is live and need-based upon student requests. We intend to keep office hours at no more than 60 minutes maximum as needed, as requested. Since the lectures will be available online, students will have an opportunity to review them throughout the course.

The team delivers, and it is the expectation that all on the team will actively participate. We are considering team ratings.

Topics covered
This course follows the International Association for Intelligence Education Standards for Intelligence Analyst Initial Training.

  • Introduction to Intelligence
  • Critical Thinking
  • Analytic Writing
  • Creative Thinking
  • Analytic Briefing
  • Structured Analytic Techniques
  • Analytic Issues
  • Argument Mapping
  • Case Studies

Mitre ATT&CK, Stakeholder Management, Adversary Targeting, Threat Matrices, Intelligence Requirements, STEMPLES Plus, Indicators of Change, Collection Management, Analytic Writing and Dissemination, OSINT and Darknet Searching, OPSEC and Rules of Engagement non-inclusively.

The case studies required by all students cover live passive collection on adversaries taken directly from the headlines. Students perform primary open source collection using Treadstone 71 recommend tools. Students receive documentation on these tools, documentation and templates for structured analytic techniques, collection management, cyber threat intelligence specific RACIs, analytic writing templates, peer review tables and methods, as well as details on operational security techniques.

One of the unique aspects of our courses is the hands-on approach to learning. Students are provided a plethora of data and information that follows the cyber intelligence lifecycle. The lectures follow the lifecycle and students use and practice those techniques during the case studies. The practical and pragmatic approach ensures you listen, practice, and learn through continuous hands on activities. Memorization for a test is proven ineffective and only a point-in-time grasp of the knowledge required to become a true cyber intelligence professional.

What to expect
The Cyber Intelligence course educates students on the processes in the production of intelligence in which intelligence information is subjected to systematic examination in order to identify significant facts and derive conclusions. The course also focuses on the determination of the significance of the information relative to information and intelligence already known and drawing deductions about the probable meaning of the evaluated information. Students will learn:

  • Intelligence analysis as an inherently an intellectual activity that requires knowledge, judgment, and a degree of intuition.
  • Analysis as the process by which people transform information into intelligence. It includes integrating, evaluating, and analyzing all available data – which is often fragmented and even contradictory – and preparing intelligence products.
    • Despite all the attention focused on the operational (collection) side of intelligence, analysis is the core of the process to inform decision makers.
  • Analysis as more than just describing what is happening and why; identifying a range of opportunities… Analysis is the key to making sense of the data and finding opportunities to take action.

The course guides students through the conversion of processed information into intelligence through the integration, evaluation, analysis, and interpretation of all source data and the preparation of intelligence products in support of known or anticipated user requirements. Students will learn how to integrate, evaluate, and interpret information from available sources and develop intelligence products that enable situational awareness. Attendees practice and develop skills in applying learned techniques and methodologies appropriate to an issue to mitigate, gain insight, and provide persuasive understanding of the issue to stakeholders and organizational leadership.

About your trainer
Jeff Bardin is the Chief Intelligence Officer for Treadstone 71 with clients on 4 continents. In 2007, Jeff received the RSA Conference award for Excellence in the Field of Security Practices. His team also won the 2007 SC Magazine Award – Best Security Team. Jeff sits or has sat on the Board of Boston Infragard, Content Raven, Journal of Law and Cyber Warfare, and Wisegate and was a founding member of the Cloud Security Alliance. Jeff served in the USAF as a cryptologic linguist and in the US Army / US Army National Guard as an armor officer, armored scout platoon leader.

Jeff has extensive experience in cyber intelligence lifecycle services, intelligence program builds, TIP selection and build out, targeted research and support, cyber counterintelligence services and analysis, deception planning, and cyber operations. He teaches Cyber Intelligence and Counterintelligence (Anonymity, Cyber Personas, Collection management, Clandestine Cyber HUMINT, Socio-Cultural Aspects of Intelligence, Critical Thinking, Cognitive Bias, Methods and Types of Analysis, Mitre ATT&CK, Structured Analytic Techniques, Analytic Writing, Briefings, and Dissemination), open source intelligence collection and tool usage, strategic intelligence, operational/tactical/technical intelligence, and methods in media manipulation identification.

He has BA in Special Studies – Middle East Studies & Language from Trinity College and an MS in Information Assurance from Norwich University. Jeff also attended the Middlebury College Language School for additional language training. Jeff also spent two+ years studying Russian history, literature, political systems, and language. He lived and worked in the Mediterranean area and the Kingdom of Saudi Arabia and the UAE. Jeff was an adjunct instructor of master’s programs in cyber intelligence, counterintelligence, cybercrime and cyberterrorism at Utica College. He has also appeared on CNN, CBS News Live, FoxNews, BBCRadio, i24News, BBN, and several other news outlets and has contributed bylines to Business Insider non-inclusively.

Students and organizations taught (non-inclusively):
AIB, American Express, Capital One, NATO, Belgian Military Intelligence, Commonwealth Bank, Bank of America, ING, NCSC NL, American Electric Power, Nationwide, Battelle, Standard Chartered, Columbus Collaboratory, Anomali, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People’s United Bank, Baupost Group, Bank of North Carolina, Cardinal Health, Huntington, L Brands, OhioHealth, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Thrift Savings Plan, Discover, Equifax, Blackknight Financial Services, Schwab, GM, FRB, Intercontinental Exchange (ICE), Citizens Financial Group, Cleveland Clinic, Scottrade, MetLife, NY Life, Essent, Synchrony Financial, TD Ameritrade, First Citizens Bank, M&T Bank, Western & Southern, American National Bank of TX, National Reconnaissance Office, OCBC Bank Singapore, Spentera, FBI, W.R. Berkley, People’s United Bank, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, Symantec, State of Florida, Deloitte, Ernst and Young, Mitsubishi UFG Trust and Banking Corporation, Target, Tri Counties Bank, Mass Mutual, Tower Research, Latham and Watkins LLP, Geller & Company, KeyBank, Northern Trust, Fannie Mae, BB&T, Blue Cross Blue Shield Michigan, Farm Credit Services of America, Aviation ISAC, Regions Financial Corporation, Intercontinental Exchange (The ICE), Vista Equity Partners, JP Morgan Chase, Archer Daniels Midland, Nacha, Barclays, Options Clearing Corporation (OCC), Expo2020, Abu Dhabi Smart Solution’s and Services Authority, Merck & Co., Inc Nomura International, ING, Finance CERT Norway, iPipeline, BBVA, PenFED, Santander, Bank of America, Equifax, BNY Mellon, UBS Group, OCC, Verizon, Vantiv, Raymond James, Bridgewater Associates, Bank of America Merrill Lynch, BBVA, Promontory Interfinancial Network, Bank of Canada, Credit Suisse, HSBC, Church of Jesus Christ of Latter Day Saints, Ocean First Bank, International Exchange, Vista Equity Partners, Aetna, QBE Insurance Group, ACI Universal Payments, Betaalvereniging Nederland, Dutch Police, Motorola Solutions, Intel Corporation, Salesforce, Singapore Ministry of Defence, Australia and New Zealand Banking Group Limited (ANZ), National Australia Bank Limited, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

“I completed Treadstone 71’s Cyber Intelligence Tradecraft Certification Training in March 2018. Although I had attended numerous cyber training courses in the past, I found this course to be the best cyber training course ever. The instructor, Jeff Bardin, is a top-notch teacher who has the actual experience and credentials to effectively present the subject to students. In addition to his deep experience, Jeff’s wonderful personality and his passion for cyber intelligence make him a second-to-none instructor. The majority of the classes dealt with intelligence analysis, a subject other cyber intelligence courses fail to cover effectively. I give this course five out of five stars and I highly recommend it to government and private sector employees who want to learn cyber intelligence the right way.”

“Fantastic class that gets to the foundational aspects of traditional tradecraft. We studied hard examining recent attack campaigns. The analysis training prepared me for real-world efforts. Have to say this is one of the best classes I have ever taken having taken. They are a class mill today. The Treadstone 71 course material is unique, focused, and timely.”

“This is one of the best, if not the best, Cyber Threat Intelligence training course I’ve attended.”

Validated and registered students will receive login and preparation information 1 week prior to class start. Prospective students must register with a corporate account email address to validate course eligibility (corporate accounts are not Gmail, Hotmail, Yahoo, Mail, Hushmail, Protonmail, and the like). Treadstone 71 reserves the right to restrict course registration based upon certain risk factors.

Cancellations of registration are free of charge until 30 days before. Cancellations received beyond this point will incur 100% of the admission fee. You will get an invoice for the respective amount. In any case, however, a delegate may be sent at no additional costs.

Register online at https://www.cyberinteltrainingcenter.com/. You will get 10% rebate with the code SIGST71-10 (also valid for all other offered trainings.

Event Partner

Learn more about the training

Check the video below for more information about “Building an Effective Cyber Intel Program”

For further testimonials please check here

Earn CPE Credits for
attenting SIGS Events