Fq1avubssrcvw3qsoiaq

October 3, 2020 - Certified Cyber CounterIntelligence Analyst - Cyber CounterIntelligence Tradecraft

Cyber CounterIntelligence Tradecraft - Starts October 3, 2020

   Watch Promo

Cyber Infiltration

Propaganda and Fallacies

Cyber Psychological Operations

Information Operations

Media Manipulation

Target analysis and manipulation

Standard Glossary and Taxonomy

Charts, Graphs, Generators

Authoring of blogs and articles for influencing

Mission-Based Counterintelligence

Deception Planning

Placement of specific concepts and phrases

Counter Collection and Anticipation

Deception Chain

Cyber Persona Layer

Denial and Deception

Types of Denial and Deception

Cyber Persona Development and Maintenance

Counter-Denial and Deception

D&D Usage

Character archetypes

Open Source Intelligence in Deception Operations

Perception as Deception

Establish the storyline

VPNs and Burn Phones (US Only)

Avoid and Deny

Establish the plot synopsis

Methods of Social Media Research

Shifting the Conversation

Story weaving and management

Social Engineering Methods and Tactics

Forum Manipulation - COINTELPRO

Target profiles – dossiers

Cyber Target Acquisition and Exploitation

Social Psychology – Countering Social Engineering

Target gap analysis

Identify Active Adversary Campaigns

Persuasion and Online Manipulation

Clandestine Collection Operation

Intent, Motivation, Goals, & Requirements

Differences in Culture/Diversity

Surveillance and Counter Surveillance

Passive data collection

Hofstede Dimensions

CI Insider Threat, Investigations

Campaign development

Reciprocity and Consistency

Guide to Underhanded Tactics

Vectors of approach

Social validation

Rules for Radicals

Courses of action

Liking, Authority, and Scarcity

Case Studies

Elicitation and exfiltration

Rules of Disinformation

Team Presentations

Memetic Engineering

Information Warfare

Content Creation

Influence Operations

Influence Cyber Operations in Social Engineering

Operational Security

Clandestine Cyber HUMINT

Rules for Radicals

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. The course includes a very different approach to counterintelligence using models exhibited online over the past few years to steer the conversation to the desired outcome.

8 to 12 Weeks - On-Demand - Online



Your Instructor


Jeff Bardin
Jeff Bardin

Former adjunct professor of Cyber Intelligence, Counterintelligence, and Cybercrime (Utica College) and Information Security Risk Management (Clark University). Experienced in cyber intelligence lifecycle services and support, cyber counterintelligence services and analysis, active defense and cyber operations. Commercially teach Cyber Intelligence (Anonymity, Sockpuppets, Cyber Collection, Clandestine Cyber HUMINT, Socio-Cultural Aspects of Intelligence, Lifecycle, Critical Thinking, Cognitive Bias, Methods and Types of Analysis and Methods, Structured Analytic Techniques, Analytic Writing, BLUF/AIMS Delivery, and Dissemination), Jihadist Online Recruitment Methods, cyber influence operations, high-value target development, deception planning, deception operations management, Middle Eastern Cyber Warfare Doctrine, adversary dossier development and social-cultural analysis, jihadist training and gaming as a method of training, information and intelligence sharing, threat intelligence platform selection, non-inclusively.

Jeff Bardin is the Chief Intelligence Officer for Treadstone 71 with clients on 4 continents. In 2007, Jeff received the RSA Conference award for Excellence in the Field of Security Practices. His team also won the 2007 SC Magazine Award – Best Security Team. Jeff sits or has sat on the Board of Boston Infragard, Content Raven, Journal of Law and Cyber Warfare, and Wisegate and was a founding member of the Cloud Security Alliance. Jeff served in the USAF as a cryptologic linguist and in the US Army / US Army National Guard as an armor officer, armored scout platoon leader.

Mr. Bardin has extensive experience in cyber intelligence lifecycle services, program builds, targeted research and support, cyber counterintelligence services and analysis, deception planning, and cyber operations. He teaches Cyber Intelligence and Counterintelligence (Anonymity, Cyber Personas, Collection management, Clandestine Cyber HUMINT, Socio-Cultural Aspects of Intelligence, Critical Thinking, Cognitive Bias, Methods and Types of Analysis, Mitre ATT&CK, Structured Analytic Techniques, Analytic Writing, Briefings, and Dissemination), open source intelligence, strategic intelligence, operational/tactical/technical intelligence, and methods in media manipulation identification.

He has BA in Special Studies - Middle East Studies & Language from Trinity College and an MS in Information Assurance from Norwich University. Jeff also attended the Middlebury College Language School for additional language training. Mr. Bardin also spent two+ years studying Russian history, literature, political systems, and language. He lived and worked in the Mediterranean area, Europe, Australia, Singapore, Malaysia, the Persian Gulf Region, and the Kingdom of Saudi Arabia. Jeff was an adjunct instructor of master’s programs in cyber intelligence, counterintelligence, cybercrime and cyberterrorism at Utica College. Mr. Bardin has also appeared on CNN, CBS News Live, FoxNews, BBCRadio, i24News, BBN, and several other news outlets and has contributed bylines to Business Insider non-inclusively.

We started teaching these courses in 2009 and have continued to update and hone them while maintaining true to the intelligence community standards. We have since built cyber threat intelligence programs for Fortune 500 firms and government organizations on four continents while providing targeted research against adversaries and nation-states.

Treadstone 71:

We founded the company in 2002 and started creating cyber personas and infiltrating al-Qaeda sites collecting information and sharing it with various US-based organizations in 2004. In 2009-10, we started teaching Cyber Intelligence, Cyber CounterIntelligence and Cyber Crime courses at the master’s level at Utica College where we established the intelligence program. After three years of teaching at the academic level, we switched to the commercial space honing the courses to CIA/DIA style tradecraft as aligned to the cyber environment using the skills acquired in 2004. Since that time, we have continued to update the courses using real-world case studies as part of the training.

We have kept the company purposely small and now offer the training courses (www.treadstone71.com/cyber-intelligence-trainingan... www.cyberinteltrainingcenter.com) as well as Cyber Threat Intelligence maturity assessments, strategic and program planning, active research, collection, and reporting. We also perform Threat Intel Platform assessments, selection, and rollout activities for clients. We have clients in the US, EU, Australia, and Asia with active proposals in the Middle East. My personal background is as an Arabic Linguist (USAF / NSA), Russian Linguist, and CISO financial services, government contracts, insurance, and cybersecurity vendors. We have also acted as a critical resource for government CISOs in the past authoring their agency strategic plans, program plans and responding to Congressional inquiries on their behalf.

Jeff has spoken at RSA, NATO CyCon (Estonia), the US Naval Academy, the Air Force Institute of Technology, the Johns Hopkins Research Labs, Hacker Halted, Malaysian Cyberjaya, Secureworld Expo, Hacktivity (Budapest), IS2 Prague, London (RSA), ISSA, Security Camp (Cairo), and several other conferences and organizations.

Mr. Bardin has authored books and contributed chapters to several other books most recently Current and Emerging Trends in Cyber Operations from George Washington University. Recently edited and provided content for Understanding Computers: Today and Tomorrow by Deborah Morley, Charles S Parker - 11th edition (March 2006 release). Reviewer for Building an Information Security Risk Management Program from the Ground Up (Evan Wheeler), Author Chapter 33 Computer Information Security Handbook 5th Edition - SAN Security. Author Chapter on Satellite Security - Computer Information Security Handbook 6th Edition. Author - The Illusion of Due Diligence - Notes from the CISO Underground (April 2010 release).

Treadstone 71 is a pure play intelligence company focusing on targeted research of adversaries building in-depth dossiers recording methods, tactics, techniques, procedures, known associates, memberships and psychological profiles. We author Current, Research/Foundational, Advisories, STEMPLES Plus, and Estimative Intelligence reports. We create profiles of high value targets including ‘know your customer’ profiles delivering assessments and gaps in protections with recommendations and opportunities.

We are known for building Strategic Intelligence Programs from vision, mission, guiding principles, goals, objectives, 36-month plans, policies, procedures, process flows, SOPs, KPIs, CSFs, training and awareness programs for intelligence. We also help establish internal intelligence community programs from technical and tactical to operational and strategic including physical, competitive, business, and cyber.

We have taught classes to and/or worked with/for:

AIB, American Express, Capital One, NATO, Belgian Military Intelligence, Commonwealth Bank, Bank of America, ING, NCSC NL, American Electric Power, Nationwide, Battelle, Standard Chartered, Columbus Collaboratory, Anomali, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People's United Bank, Baupost Group, Bank of North Carolina, Cardinal Health, Huntington, L Brands, OhioHealth, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Davis Polk, Thrift Savings Plan, Discover, Equifax, Blackknight Financial Services, Schwab, GM, FRB, Intercontinental Exchange (ICE), Citizens Financial Group, Cleveland Clinic, Scottrade, MetLife, NY Life, Essent, Harvard University, Charles River Associates, Synchrony Financial, In-Q-Tel, TD Ameritrade, First Citizens Bank, M&T Bank, Western & Southern, American National Bank of TX, National Reconnaissance Office, OCBC Bank Singapore, Spentera, FBI, W.R. Berkley, F-Secure, People’s United Bank, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, Symantec, State of Florida, Deloitte, Ernst and Young, Mitsubishi UFG Trust and Banking Corporation, Target, Tri Counties Bank, Mass Mutual, Tower Research, Latham and Watkins LLP, Geller & Company, KeyBank, Northern Trust, Fannie Mae, BB&T, Blue Cross Blue Shield Michigan, Farm Credit Services of America, Aviation ISAC, Regions Financial Corporation, Intercontinental Exchange (The ICE), Vista Equity Partners, JP Morgan Chase, Archer Daniels Midland, Nacha, Barclays, Options Clearing Corporation (OCC), Expo2020, Abu Dhabi Smart Solution's and Services Authority, Merck & Co., Inc Nomura International, ING, Finance CERT Norway, iPipeline, BBVA, PenFED, Santander, Bank of America, Equifax, BNY Mellon, UBS Group, OCC, Verizon, Vantiv, Raymond James, Bridgewater Associates, Bank of America Merrill Lynch, BBVA, Promontory Interfinancial Network, Bank of Canada, Credit Suisse, HSBC, Church of Jesus Christ of Latter Day Saints, Ocean First Bank, International Exchange, Splunk, Vero Skatt, Ernst & Young, Relativity, Ultimate Software, Vista Equity Partners, Aetna, QBE Insurance Group, ACI Universal Payments, Betaalvereniging Nederland, Dutch Police, Motorola Solutions, Intel Corporation, Salesforce, Singapore Ministry of Defence, Australia and New Zealand Banking Group Limited (ANZ), National Australia Bank Limited, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

Focus on targeted research of adversaries building in-depth dossiers recording methods, tactics, techniques, procedures, known associates, memberships and psychological profiles. Author Current, Research/Foundational, PESTELI, deception planning and operations, psychological operations, and Estimative Intelligence reports. Create profiles of high value targets including ‘know your customer’ profiles delivering assessments and gaps in protections with recommendations and opportunities.

Strategic Intelligence Program builds from vision, mission, guiding principles, goals, objectives, 36-month plans, policies, procedures, process flows, SOPs, KPIs, CSFs, training and awareness programs for intelligence. Building internal intelligence community programs from technical and tactical to operational and strategic including physical, competitive, business, and cyber.


Course Curriculum



Frequently Asked Questions


When does the course start and finish?
Course availability date: July 10, 2020 After July 10 - On-Demand 8 Weeks Minimum Time to complete - Expandible upon request 40 CPEs - Hands-on Case Studies
How long do I have access to the course?
8 Weeks Minimum Expandible upon request

Course syllabus and content proprietary to Treadstone 71

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. By starting with traditional counterintelligence and progressing to cyber counterintelligence, the student will develop an appreciation for collection efforts, exploitation of potential threats, insider concerns, and the risks and benefits of counterintelligence.

With the expanding importance of the comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited. As part of this class, the exploration of the continued importance of critical thinking, as well as out-of¬the-box analysis, will be heavily leveraged to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber Counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. The potential for active defense or offensive cyber counterintelligence operations will be covered.

The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads. This course focuses on open source intelligence and adversaries while creating online personas to assist in data collection and information extraction. This introductory course examines open source intelligence collection as well as the availability and use of OSINT tools. Students will be able to understand the use methods of only anonymity, the fundamentals behind cyber persona development, enrollment in various social media sites and applications, and how these current methods can be employed in their organizations to assist in operational cyber security, their defense against adversaries, and passive data collection. The establishment of cyber personas takes patience and time to create a credible resource. Parallel activities occur through the outline above. Treadstone 71 maintains separation from the client as required maintaining confidentiality of methods and processes.

What we cover non-inclusively:

Cyber Infiltration, Information Operations, Information Support Operations National Counterintelligence Strategy, Standard Glossary and Taxonomy, Mission Based Counterintelligence, Counter Collection and Anticipation, Denial and Deception, Counter-Denial and Deception, Cyberspace, Open Source Intelligence, Methods of collection, Specific tools, Social media sites and enrollment, Methods of Social Media Research, Tools and Techniques, Social media demographics, Establish Priority Intelligence Requirements, Establish Information Requirements, Cyber Target Acquisition and Exploitation, Validation of target, Identify active adversary campaigns, Intent, Motivation, Goals, & Requirements, Passive data collection, Campaign development, Target sites, Enrollment, Tactics, techniques, and procedures, Intent, motivation, goals, and requirements, Vectors of approach, Courses of action, Elicitation and exfiltration. Generative Adversarial Networks – Deep Fakes

Perception as Deception, Social Psychology, Differences in Culture, Diversity, Hofstede Dimensions, Social Psychology, Reciprocity, Consistency, Social validation, Liking, Authority, Scarcity, Big 5 Theory of Personality, Information Warfare and Cyber Psychological Operations, Social Engineering (Phishing, Spear Phishing, Whaling, Diversion Theft, Baiting, Pretexting, Water-holing, Tailgating, CEO Fraud, Quid Pro Quo, Rogue, Honeytrap, Scams, Scareware, Fraud, Cons, Various online attack vectors and Manipulation), Target analysis and message manipulation where applicable, Persona creation, establishment, maintenance, expansion (depending upon taking Cyber Intelligence Course), Data collection – recycle for Cyber CounterIntelligence (CI) updates/improvements, Authoring of blogs and articles for influencing, Placement of specific concepts and phrases. Myers-Briggs with the Evil Side and Under Pressure manipulation

The Cyber Persona Layer, Persona creation and implementation, Cyber Persona Development and Maintenance, Character archetypes, leveraging existing, create new, Establish the storyline, Establish the plot synopsis, Story weaving and management, Snuggling, Collection, Linkages, trends, tendencies. Forum manipulation, fabrication, and controlling the narrative. Part of this section includes operational security approaches to keeping online anonymity.

Target profiles – dossiers, Target gap analysis, Define the mission so that it aligns with organizational objectives, Clandestine Collection Operation, Surveillance, Counter Surveillance, CounterIntelligence Activities, CounterIntelligence Analysis and Production, CounterIntelligence Analysis Reporting, Support Brief, Source Evaluation, Operational analysis report, Asset Evaluation, Support Package, CounterIntelligence Assessment, CounterIntelligence Campaign, Mission, Mission Management, Operations, Effects-Based Operations, Functions and Services

Socio-cultural awareness, Forty-Four online dirty tricks, Methods to Disagree, Avoid/Deny/Invoke, Cialdini’s Principles, Rules of Disinformation, Social Engineering, Propaganda, Fallacies and Prejudices, Conversation Manipulation, Deception Planning, Deception Cycle/Chain, Deception Objective, Deception Methods, Deception TTPs for Social Engineering, Target’s Vulnerabilities, Deception Effects, Target’s Decisions and Actions, Deception Principles, 10 Steps to Planning, Deceptive Course of Action, Denial and Deception Tactics and Techniques, Rules for Radicals, COINTELPRO, Iterative Feedback, Addressing Failure, Unwanted Effects.

CounterIntelligence Insider Threat, Investigations, Prepare an estimate of the situation, Prepare the plan, Support Plan, Cyber Media selection, Internet OPSEC, Product development, Pretesting - determines the probable impact on the target audience, Production and dissemination of material, Implementation, Post-testing - evaluates audience responses, Feedback, Ten Commandments of Cyber Counterintelligence, Research and analyze methods of influencing adversaries from a variety of information sources. Case Study Deliverables.

This course is unique in that it started in 2009 creating imitation political campaigns in non-existent districts in the United States. The first case studies required three student groups, each group with separate and confidential assignments within the course content. Each group developed their own political platforms based on the mission given each. The results in this safe yet online environment was a precursor to much of what we see online today with respect to misinformation, disinformation, influence operations, and hybrid warfare of a cyber type.Students created and managed conspiracy theories, social media accounts, blogs, created videos and podcasts, and delivered content targeting adversaries. Our courses are available for customization to fit organizational needs. Contact Treadstone 71 at [email protected] for more information.


Get started now!