What is cyber intelligence training?

Cyber intelligence training teaches analysts how to collect, structure, assess, write, and brief intelligence for cyber risk, threat, influence, and operational decisions. Treadstone 71 programs cover collection planning, OSINT, structured analytic techniques, deception detection, warning analysis, reporting, and forecasting — all aligned to IAFIE standards and listed in the CISA NICCS catalog.

Who should take counterintelligence and cyber intelligence courses?

Programs fit threat intelligence analysts, security leaders, investigators, cybercrime teams, intelligence writers, peer reviewers, government agencies, defense organizations, and enterprise security groups that need stronger analytic tradecraft.

Do you offer cognitive warfare and disinformation training?

Yes. The catalog includes cognitive warfare, narrative analysis, deception, influence operations, Russian and Chinese cognitive warfare doctrine, People Intelligence (PEOPINT), and related programs that help students identify manipulation, hostile narratives, and behavior-driven threat patterns.

Are the courses self-paced or live?

Most programs offer online, on-demand access with mentor support. Select programs add live web meetings, office hours, or instructor-supported cohorts. In-person training is available through Treadstone 71's client-driven and Project Omega Prague residency formats.

Do you provide team or enterprise licensing?

Yes. Enterprise subscription options support organization-wide access through a single annual license. Teams gain shared training paths, consistent analytic language across analysts, and centralized progress reporting for security leadership.

Are the certifications recognized in the intelligence community?

Treadstone 71 training is IAFIE-aligned, follows PHIA standards language, and is listed in the CISA NICCS training catalog as a recognized cybersecurity workforce development provider. Certifications carry CPE credits and are recognized by government agencies, defense contractors, and Fortune 500 security teams worldwide.

What is the TWELVEROFF discount code?

TWELVEROFF is the current promotional code for 12 percent off featured programs at checkout. Apply at the checkout step on any featured course page. Subject to change — verify current offer on the featured programs page.

How does this site relate to Treadstone 71?

The Cyber Intel Training Center is the official online training platform of Treadstone 71 LLC, a veteran-owned, woman-led cyber intelligence firm operating since 2002. Treadstone 71 also delivers in-person training, consulting, adversary dossiers, and intelligence program builds at treadstone71.com.

NICCS LISTED · INTELLIGENCE REQUIREMENTS · PIRs · EEIs · SIRs · COLLECTION FOUNDATION · IAFIE ALIGNED

Intelligence Requirements PIRs, EEIs, and SIRs — The Cascade That Drives Collection

Name: Enterprise Cyber Intelligence Training Subscription
Brand: Treadstone 71
Price: 99990.00 USD
Availability: InStock

Intelligence requirements are the structured translation of stakeholder decision needs into formal documents that drive collection planning, tasking, and analytic production. The IC cascade is well established — PIRs (Priority Intelligence Requirements), EEIs (Essential Elements of Information), and SIRs (Specific Information Requirements) — and operationally consequential. Without disciplined requirements, collection chases what is collectable rather than what is needed, and analytic production drifts away from consumer decisions. This is the entry-tier course in the Collection-band of The Analyst Stack at $299.

This course covers intelligence requirements construction applied to cyber intelligence — building PIRs from stakeholder decisions, deriving EEIs that operationalize each PIR, structuring SIRs that drive specific collection tasking, and integrating the requirements cascade with Stakeholder Analysis (upstream) and Collection Management (downstream). Foundational reading for any analyst whose work depends on knowing what to collect and why.

Course Price$299 USD

TierEntry — Collection Band

LevelIntermediate

CascadePIR → EEI → SIR

What You'll Learn

Intelligence requirements construction for cyber intelligence

Priority Intelligence Requirements (PIRs) — top-level questions decision-makers need answered to make specific decisions. How to build PIRs that are scoped, time-bound, and aligned to consumer decisions rather than topics. The structural conventions that distinguish operational PIRs from generic "things we should know."
Essential Elements of Information (EEIs) — the sub-questions that each PIR decomposes into. Operational tradecraft for EEI construction: scope, specificity, mutual exclusivity, and collective exhaustiveness. The level at which collection planning starts to engage.
Specific Information Requirements (SIRs) — concrete information needs that drive specific collection tasking. The granularity level at which collectors operate. How to write SIRs that produce collected information actually answering the parent EEI and PIR.
The Cascade Integrity Discipline — maintaining the PIR → EEI → SIR cascade so collected information feeds back up to answer the original consumer decision question. The discipline that prevents requirements drift, scope creep, and the broken-cascade pattern that produces collected information nobody knows what to do with.
Cyber-Domain Requirements Construction — building requirements for cyber intelligence specifically: adversary capability questions, infrastructure tracking, campaign attribution, threat-landscape forecasts, and incident-driven dynamic requirements that differ structurally from steady-state strategic requirements.
Requirements Workflow Integration — how requirements integrate with Stakeholder Analysis upstream (where decisions come from) and Collection Management downstream (where requirements drive tasking). The closing-the-loop discipline for requirements review and refresh.

Course Content

The Structured Translation of Decisions into Collection-Drivable Form

The intelligence requirements cascade is one of the cleanest pieces of IC tradecraft: a decision generates a PIR, which decomposes into EEIs, which decompose into SIRs that collection can task against. Collected information satisfies SIRs, which roll up to answer EEIs, which roll up to answer PIRs, which support consumer decisions. When the cascade works, intelligence production is end-to-end aligned to consumer reality. When it breaks — and in practice it breaks frequently in cyber intelligence functions that have not invested in requirements discipline — the result is collected information disconnected from decisions, analytic products disconnected from consumers, and operational drift toward whatever is easy rather than what is needed.

This course operationalizes the IC requirements cascade for cyber intelligence work. PIR construction calibrated to the cyber-domain decisions that security executives, CISOs, fraud and risk leaders, and operational consumers actually make. EEI decomposition tradecraft for the specific cyber-intelligence problem types. SIR construction at the granularity collectors can act on. Cascade-integrity discipline that maintains end-to-end alignment as requirements evolve. At $299 this is the entry-tier course in the Collection band — accessible as standalone introduction or as on-ramp to the broader collection-discipline curriculum and The Analyst Stack as a whole.

Part Of A Larger Curriculum

Entry-Tier Component of the Collection Band in The Analyst Stack

This Intelligence Requirements course is the entry-tier component of The Analyst Stack ($6,999) collection-discipline band — at $299 it is the most accessible entry into the band. Pairs operationally with Stakeholder Analysis ($399) upstream, Collection Management ($399) downstream, and Source Evaluation ($399) for validation. Together with the analytic-method band, the strategic-assessment band, the CCIA flagship, and additional Analyst Stack components: comprehensive day-one analyst capability at substantial bundle savings.

Common Questions

Intelligence Requirements — FAQ

Who is this course designed for?

Cyber threat intelligence analysts building or maintaining requirements documents, CTI program leads structuring requirements processes for their teams, security operations leaders translating internal decisions into formal intelligence requirements, IC analysts entering or transitioning into cyber portfolios, MSSP / consulting analysts managing client requirements, and analytic methodology trainees building the upstream collection discipline.

What is the PIR / EEI / SIR cascade?

Priority Intelligence Requirements (PIRs) are top-level decision-driven questions. Essential Elements of Information (EEIs) are the sub-questions each PIR decomposes into. Specific Information Requirements (SIRs) are concrete information needs at the granularity collectors can task against. The cascade structures the translation from consumer decisions to operational collection tasking, with feedback going the other direction as collected information rolls up to satisfy SIRs, EEIs, and ultimately PIRs.

Why is this the lowest-priced course in the Collection band?

At $299 this course is the entry-tier of the Collection band. The pricing reflects the focused scope — it covers the requirements-cascade discipline itself rather than the broader stakeholder, collection, or source-evaluation tradecraft. The other Collection-band components ($399 each) expand the discipline laterally. Most learners benefit from the full collection-band combination, with this Intelligence Requirements course as the natural starting point.

Is there a prerequisite?

None formal. Most learners benefit from the full collection-discipline band: Stakeholder Analysis ($399), Collection Management ($399), and Source Evaluation ($399). The four components are operationally interconnected.

Is this part of a bundle or certification?

Yes. This course is one of 10 components of The Analyst Stack ($6,999) — the entry-tier component of the collection-discipline band. Contributes to the CCIA (Certified Cyber Intelligence Analyst) certification track, which references intelligence requirements tradecraft throughout its curriculum.

About The Provider

Treadstone 71

We See What Others Cannot

Treadstone 71 has built and refined intelligence requirements processes for cyber intelligence programs continuously for two decades — PIR construction tied to executive and operational decisions, EEI decomposition disciplined for cyber-domain problem types, SIR tradecraft at the granularity collectors can act on. The course reflects operational experience designing requirements processes across financial services, defense industrial base, federal civilian agencies, MSSP and consulting practices, and critical infrastructure operators. Veteran-owned, woman-led, NICCS-listed, IAFIE-aligned, operational since 2002.

Two Decades Requirements Process Design

Multi-Sector Requirements Tradecraft

NATO CCDCOE Briefings

NICCS Listed Provider

Translate Decisions into Collection-Drivable Form

Self-paced. Intermediate-level. PIR → EEI → SIR cascade applied to cyber intelligence requirements construction. Entry-tier of the Collection band. Scroll up to enroll, or consider The Analyst Stack to combine this with the full collection-discipline band and the broader analyst methodology curriculum.

$299 USD Self-paced · Intermediate · Lifetime access · CPE credits

Get started now!

Course Curriculum

Building and Enhancing Your Program - Intelligence Requirements

Available in days

days after you enroll