Certified Cyber CounterIntelligence Analyst

Cyber CounterIntelligence Tradecraft - Counter Disinformation, Misinformation while building Cyber CounterIntelligence Plans to Subvert the Adversary

   Watch Promo

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintel missions, defensive and offensive counterintel, and counterespionage applied to traditional tradecraft, and their evolution into the cyber domain. The course includes a vastly different approach to counterintel using models used online in misinformation, influence operations, and disinformation. We cover non-inclusively:

Cyber Infiltration, Information Operations & Warfare, US Approach, Russian Approach, Means of Russian Influence in the West, Russian Soft Power, The Gerasimov Doctrine, As an Instrument of Foreign Policy, Hybrid/Asymmetric Warfare, The Gray Zone of Operations, Destabilize and Subvert, Political Attractiveness and Universal Values, National Counterintelligence Strategy, Standard Glossary, Mission Based Counterintel, Counter Collection and Anticipation, Denial/Deception, Counter-Denial and Deception, Open Source Intelligence, Methods of collection, tools, Social media sites and enrollment, Methods of Social Media Research, Tools and Techniques, Establish Priority Intel Requirements, Cyber Target Acquisition and Exploitation, Validation of target, Adversary campaigns, Intent, Motivation, Goals, and Requirements, Passive data collection, Campaign tactics, techniques, and procedures, Intent, motivation, goals, and requirements, Vectors of approach, Courses of action, Elicitation and exfiltration. Generative Adversarial Networks, Deep Fakes. Weaponizing News – Targeted Disinformation, Goals, Managed Reality, Delegitimizing Criticism, Propaganda to News, Military Churnalism, Agenda Building Detecting Content Replication, Demand and Supply-side disinformation, What is believed that is not true, the Impact of Misinformation, Polarization, Removal of the Fairness Doctrine, High Choice Media, Blogs as Echo Chambers, Partisan Media,

Perception as Deception, Differences in Culture, Hofstede Dimensions, Social Psychology, Cialdini, Big 5 Theory of Personality, Information Warfare and Cyber Psychological Operations, Persona creation, establishment, maintenance, expansion of specific concepts and phrases. Myers-Briggs with the Evil Side and Under Pressure manipulation.

Adversary targeting and dossiers, Clandestine Collection Operation, Surveillance, Counter Surveillance, CI Analysis Reporting, Support Brief, Source Evaluation, Operational analysis report. Tribalism and Cultism.

Socio-cultural awareness, forty-four online dirty tricks, Methods to Disagree, Avoid/Deny/Invoke, Cialdini’s Principles, Rules of Disinformation, Social Engineering, Propaganda, Fallacies and Prejudices, Conversation Manipulation, Manipulation: Features and Threats. Fakes and Fact-checking, The Misinformation Matrix, Information vs Propaganda, Pseudoscience, Cognition, Cognitive Filtering, Cognitive Warfare, Deception Planning, Deception Cycle/Chain, Deception Objective, Deception Methods, Deception Effects, Targets Decisions and Actions, Deception Principles, 10 Steps to Planning, Deceptive Course of Action, Denial and Deception Tactics and Techniques, Rules for Radicals, COINTELPRO, Iterative Feedback, Addressing Failure, Unwanted Effects.

CI Insider Threat, Investigations, prepare an estimate of the situation, Prepare the plan, Support Plan, Cyber Media selection, Internet OPSEC. The training includes modules on the weaponization of conspiracy theories, content farms, echo chambers, fake news, filter bubble, gatekeepers of the hoax, confidence theorist, cui buono, The creation, management, and exploitation of cyber militias, cyber foreign legions, recruitment, training, targeting, and tool usage. The Russian and Ukrainian models and methods.

With the expanding importance of the comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited. As part of this class, the exploration of the continued importance of critical thinking, as well as out-of¬the-box analysis, will be heavily used to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber Counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. The potential for active defense or offensive cyber counterintelligence operations will be covered.

The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads. This course focuses on open source intelligence and adversaries while creating online personas to assist in data collection and information extraction. This introductory course examines open-source intelligence collection as well as the availability and use of OSINT tools. Students will be able to understand the use methods of only anonymity, the fundamentals behind cyber persona development, enrollment in various social media sites and applications, and how these current methods can be employed in their organizations to assist in operational cyber security, their defense against adversaries, and passive data collection. The establishment of cyber personas takes patience and time to create a credible resource. Parallel activities occur through the outline above. Treadstone 71 maintains separation from the client as required maintaining confidentiality of methods and processes.

8 to 12 Weeks - On-Demand - Online (extensions granted)
NOTE: The videos in this course were recorded with Natural Readers AI.



Your Instructor


Treadstone 71
Treadstone 71

Treadstone 71 is a woman and veteran-owned small business exclusively focused on cyber and threat intelligence consulting, services, and training. We are a pure-play intelligence shop.

Training dates and locations here

Since 2002, Treadstone 71 delivers intelligence training, strategic, operational, and tactical intelligence consulting, and research. We provide a seamless extension of your organization efficiently and effectively moving your organization to cyber intelligence program maturity. Our training, established in 2008, follows intelligence community standards as applied to the ever-changing threat environment delivering forecasts and estimates as intelligence intends. From baseline research to adversary targeted advisories and dossiers, Treadstone 71 products align with your intelligence requirements. We do not follow the create once and deliver many model. We contextually tie our products to your needs. Intelligence is our only business.

  • We use intuition, structured techniques, and years of experience.
  • We supply intelligence based on clearly defined requirements.
  • We do not assign five people to do a job only one with experience.
  • We do not bid base bones only to change order you to overspending.
We do not promise what we cannot deliver. We have walked in your shoes. We understand your pressures.

We are known for our ability to:

  • Anticipate key target or threat activities that are likely to prompt a leadership decision.
  • Aid in coordinating, validating, and managing collection requirements, plans, and activities.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives as related to designated cyber operations warning problem sets.
  • Produce timely, fused, all-source cyber operations intelligence and indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
  • Provide intelligence analysis and support to designated exercises, planning activities, and time-sensitive operations.
  • Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or no precedent exists.
  • Recognize and mitigate deception in reporting and analysis.
    Assess intelligence, recommend targets to support operational objectives.
  • Assess target vulnerabilities and capabilities to determine a course of action.
  • Assist in the development of priority information requirements.
  • Enable synchronization of intelligence support plans across the supply chain.
  • ...and Review and understand organizational leadership objectives and planning guidance non-inclusively.

Course Curriculum


  Week 1 - Cyber CounterIntelligence
Available in days
days after you enroll
  Week 2 - Cyber CounterIntelligence
Available in days
days after you enroll
  Week 3 - Cyber CounterIntelligence
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
Course availability date: July 10, 2020 After July 10 - On-Demand 8 Weeks Minimum Time to complete - Expandible upon request 40 CPEs - Hands-on Case Studies
How long do I have access to the course?
8 Weeks Minimum Expandible upon request

Course syllabus and content proprietary to Treadstone 71

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. By starting with traditional counterintelligence and progressing to cyber counterintelligence, the student will develop an appreciation for collection efforts, exploitation of potential threats, insider concerns, and the risks and benefits of counterintelligence.

With the expanding importance of the comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited. As part of this class, the exploration of the continued importance of critical thinking, as well as out-of¬the-box analysis, will be heavily leveraged to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber Counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. The potential for active defense or offensive cyber counterintelligence operations will be covered.

The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads. This course focuses on open source intelligence and adversaries while creating online personas to assist in data collection and information extraction. This introductory course examines open source intelligence collection as well as the availability and use of OSINT tools. Students will be able to understand the use methods of only anonymity, the fundamentals behind cyber persona development, enrollment in various social media sites and applications, and how these current methods can be employed in their organizations to assist in operational cyber security, their defense against adversaries, and passive data collection. The establishment of cyber personas takes patience and time to create a credible resource. Parallel activities occur through the outline above. Treadstone 71 maintains separation from the client as required maintaining confidentiality of methods and processes.

What we cover non-inclusively:

Cyber Infiltration, Information Operations, Information Support Operations National Counterintelligence Strategy, Standard Glossary and Taxonomy, Mission Based Counterintelligence, Counter Collection and Anticipation, Denial and Deception, Counter-Denial and Deception, Cyberspace, Open Source Intelligence, Methods of collection, Specific tools, Social media sites and enrollment, Methods of Social Media Research, Tools and Techniques, Social media demographics, Establish Priority Intelligence Requirements, Establish Information Requirements, Cyber Target Acquisition and Exploitation, Validation of target, Identify active adversary campaigns, Intent, Motivation, Goals, & Requirements, Passive data collection, Campaign development, Target sites, Enrollment, Tactics, techniques, and procedures, Intent, motivation, goals, and requirements, Vectors of approach, Courses of action, Elicitation and exfiltration. Generative Adversarial Networks – Deep Fakes

Perception as Deception, Social Psychology, Differences in Culture, Diversity, Hofstede Dimensions, Social Psychology, Reciprocity, Consistency, Social validation, Liking, Authority, Scarcity, Big 5 Theory of Personality, Information Warfare and Cyber Psychological Operations, Social Engineering (Phishing, Spear Phishing, Whaling, Diversion Theft, Baiting, Pretexting, Water-holing, Tailgating, CEO Fraud, Quid Pro Quo, Rogue, Honeytrap, Scams, Scareware, Fraud, Cons, Various online attack vectors and Manipulation), Target analysis and message manipulation where applicable, Persona creation, establishment, maintenance, expansion (depending upon taking Cyber Intelligence Course), Data collection – recycle for Cyber CounterIntelligence (CI) updates/improvements, Authoring of blogs and articles for influencing, Placement of specific concepts and phrases. Myers-Briggs with the Evil Side and Under Pressure manipulation

The Cyber Persona Layer, Persona creation and implementation, Cyber Persona Development and Maintenance, Character archetypes, leveraging existing, create new, Establish the storyline, Establish the plot synopsis, Story weaving and management, Snuggling, Collection, Linkages, trends, tendencies. Forum manipulation, fabrication, and controlling the narrative. Part of this section includes operational security approaches to keeping online anonymity.

Target profiles – dossiers, Target gap analysis, Define the mission so that it aligns with organizational objectives, Clandestine Collection Operation, Surveillance, Counter Surveillance, CounterIntelligence Activities, CounterIntelligence Analysis and Production, CounterIntelligence Analysis Reporting, Support Brief, Source Evaluation, Operational analysis report, Asset Evaluation, Support Package, CounterIntelligence Assessment, CounterIntelligence Campaign, Mission, Mission Management, Operations, Effects-Based Operations, Functions and Services

Socio-cultural awareness, Forty-Four online dirty tricks, Methods to Disagree, Avoid/Deny/Invoke, Cialdini’s Principles, Rules of Disinformation, Social Engineering, Propaganda, Fallacies and Prejudices, Conversation Manipulation, Deception Planning, Deception Cycle/Chain, Deception Objective, Deception Methods, Deception TTPs for Social Engineering, Target’s Vulnerabilities, Deception Effects, Target’s Decisions and Actions, Deception Principles, 10 Steps to Planning, Deceptive Course of Action, Denial and Deception Tactics and Techniques, Rules for Radicals, COINTELPRO, Iterative Feedback, Addressing Failure, Unwanted Effects.

CounterIntelligence Insider Threat, Investigations, Prepare an estimate of the situation, Prepare the plan, Support Plan, Cyber Media selection, Internet OPSEC, Product development, Pretesting - determines the probable impact on the target audience, Production and dissemination of material, Implementation, Post-testing - evaluates audience responses, Feedback, Ten Commandments of Cyber Counterintelligence, Research and analyze methods of influencing adversaries from a variety of information sources. Case Study Deliverables.

This course is unique in that it started in 2009 creating imitation political campaigns in non-existent districts in the United States. The first case studies required three student groups, each group with separate and confidential assignments within the course content. Each group developed their own political platforms based on the mission given each. The results in this safe yet online environment was a precursor to much of what we see online today with respect to misinformation, disinformation, influence operations, and hybrid warfare of a cyber type.Students created and managed conspiracy theories, social media accounts, blogs, created videos and podcasts, and delivered content targeting adversaries. Our courses are available for customization to fit organizational needs. Contact Treadstone 71 at [email protected] for more information.


Get started now!