Building and Enhancing Your CTI Program with Strategic Intelligence Analysis - The Formula!
Build and Enhance Your CTI Program - Intensive and In-depth Hands-on - 10 Additional Lectures with Templates and Examples - Learn and Build at the same time
Watch Promo Enroll in an Intel CourseBuilgind Your Cyber Intelligence Program
This online course teaches, instructs, guides, and aids students in building a proper cyber intelligence program. We begin from nothing supplying guidance proven through program build campaigns across different verticals and four continents.
We designed the course to guide organizations in their cyber and threat intelligence program builds through online lectures, demonstrations, and templates covering the full intelligence lifecycle at a minimum. After years of teaching intelligence courses and delivering intelligence programs to clients, Treadstone 71 now offers this step-by-step course. We take students through the strategic planning process, goals and objectives creation, stakeholder analysis, adversary targeting and threat matrices creation, priority intelligence requirements, collection planning, structured analytic technique usage, analysis, maturity assessments, SOP development, threat intelligence platform selection, analytic writing, and dissemination non-inclusively.
The program includes instructional videos tied to content with periodic direct access to Treadstone 71 for client deliverable reviews. We supply templates and examples that you can use, change, or get ideas from. Artifacts specifically designed for past clients. The peer-review process follows a standard cycle including comments, suggestions, recommendations, and examples of previously finished products. Treadstone71 also offers regular ‘professor’ office hours for Q&A as requested in Office Hour Packs.
The program follows proven methods established over the years while creating intelligence programs. Clients move at a regular pace that corresponds with their internal schedules that Treadstone 71 helps to set up with the client.
We offer the program in different definitive sections giving students time to work artifacts, ideas, and the program with their stakeholders. The program also offers the standard Cyber Intelligence Tradecraft Certification training as an add-on.
Syllabus
|
Section |
Content |
|
Course Title |
Building and Enhancing Your CTI Program with Strategic Intelligence Analysis |
|
Course Description |
Step‑by‑step self‑paced course guides students from zero to a fully operational cyber intelligence program. Content draws on proven methods across four continents and follows the full intelligence lifecycle. Online lectures, demonstrations and peer‑reviewed templates enable learners to produce strategic plans, maturity assessments, SOPs, collection plans, analytic products and dissemination models. |
|
Target Audience |
Intelligence team leads, cyber threat program managers, SOC and IR leadership, CISO/CSO and CIO staff, security operations teams, enterprise risk officers and consultants seeking to build or mature an in‑house cyber intelligence capability. |
|
Prerequisites |
Familiarity with basic cybersecurity concepts and organizational risk management. |
|
Learning Objectives |
Participants will develop mission, vision and guiding principles; conduct stakeholder analysis; create adversary targeting matrices and priority intelligence requirements; design collection workflows with chain‑of‑custody controls; apply structured analytic techniques and ACH; produce intelligence reports and briefings; define SOPs, RACI models and process flows; assess program maturity; select and configure threat intelligence platforms; and implement an ongoing training and peer‑review cycle. |
|
Course Format |
On‑demand video lectures, live office hours and template reviews via scheduled calls. Peer‑review cycles and direct access to Treadstone 71 for feedback. |
|
Technical Requirements |
Internet access; modern web browser with extension‑installation permissions; ability to download and edit document templates; PC or laptop capable of handling standard office software. |
|
Module Outline |
See module table below. |
|
Assignments & Assessments |
Quizzes accompanying key lessons; hands‑on assignments producing real artifacts (stakeholder maps, matrices, SOP drafts, collection plans and analytic reports); peer‑review feedback rounds; capstone deliverable of a complete program package. |
|
Resources & Readings |
Downloadable templates and examples from past client engagements; reference materials on IAFIE standards, Sherman Kent School directives and intelligence community best practices; curated articles on maturity models and platform selection. |
|
Schedule & Timeline |
Self‑paced with all modules available on demand; suggested 12‑week progression aligned to weekly module releases. |
|
Instructor Information |
Treadstone 71 subject‑matter experts. Access via class email, office hour packs and scheduled video conferences. |
|
Certification & Credits |
Certificate of Completion in Cyber Intelligence Program Development. Continuing Professional Education credits available upon request. |
Module‑by‑Module Outline
|
Module # |
Module Title |
Summary of Topics Covered |
Assignment or Activity |
|
1 |
Data Provenance, OPSEC and Persona Construction |
Chain‑of‑custody rules; browser‑based evidence capture with Hunchly; rules of engagement and safe persona development |
Produce an OPSEC plan and Hunchly capture demonstration |
|
2 |
Strategic Intelligence Analysis Part I |
Foundations of strategic planning; mission, vision, guiding principles; goals and objectives creation |
Draft vision, mission and guiding principles |
|
3 |
Building Program – Stakeholder Analysis |
Stakeholder domain mapping; influence vectors; tracking and prioritization; introduction to RACI and process flow diagrams |
Create a stakeholder map with RACI definitions |
|
4 |
Strategic Intelligence Analysis Part II |
Priority intelligence requirements; adversary targeting matrices; threat taxonomy templates |
Develop targeting matrix and PIR document |
|
5 |
Collection Planning and Source Management |
Collection lifecycle; open‑source tools and browser add‑ons; Mitre ATT&CK for planning; source evaluation criteria |
Design a collection plan with tool selection and provenance controls |
|
6 |
Analytic Techniques and ACH |
Structured analytic techniques overview; introduction to ACH; bias mitigation; cognitive elements in analysis |
Conduct an ACH exercise on a sample scenario |
|
7 |
Strategic Intelligence Analysis Part III and Writing |
Analytic writing best practices; BLUF and AIMS structuring; report templates and briefing formats |
Draft and peer‑review an intelligence report |
|
8 |
Structured Analytic Techniques Deep Dive |
Advanced SATs including STEMPLES Plus and Hofstede indicators; visual logic maps; critical‑thinking tool integration |
Apply STEMPLES Plus to a real or simulated intelligence case |
|
9 |
Program Maturity Assessment and SOP Development |
Capability maturity model assessment; SOP drafting; standard operating procedures for collection, analysis and dissemination |
Develop an SOP draft and maturity self‑assessment worksheet |
|
10 |
Threat Intelligence Platform Selection and Metrics |
RFP process; vendor data feed evaluation; platform comparison criteria; metric identification for performance measurement |
Produce a platform selection report with metric definitions |
|
11 |
Implementation, Training and Knowledge Transfer |
Peer‑review cycles; office‑hour pack utilization; training plans for staff certification; continuous improvement processes |
Create a training and knowledge‑transfer schedule template |
|
12 |
Capstone Program Assembly and Final Delivery |
Integration of all artifacts into a comprehensive program package; tabletop exercise demonstration; argument mapping of program strategy; final presentation to stakeholders |
Assemble and present the complete cyber intelligence program |
What do you have at the end of the program?
As clients carefully follow the training and timelines, executing the deliverables internally, clients will have built a complete cyber threat intelligence program. The program definition, strategy, policies, procedures, process flow diagrams, roles, responsibilities, templates, models, methods, tactics, techniques, reports, dissemination models, briefings, table-top exercises, as well as certified Cyber Intelligence Tradecraft professionals are all core components of what clients achieve.
We offer the standard model that follows the cyber intelligence lifecycle with standard office hours. We also offer added Office Hour Packs beyond the standard. Should you wish to certify staff during the training, we can upgrade you to the Certification module. Lastly, we also offer the most comprehensive add-on, the Strategic Intelligence Analysis upgrade. How do you know which is best for you? We take you through the first reviews and assessments to decide what best suits your culture, needs, and pricing model.
If you wish to learn more, contact us to schedule a review of this extensive and comprehensive assisted training program.
Your Instructor
Treadstone 71 is a woman and veteran-owned small business exclusively focused on cyber and threat intelligence consulting, services, and training. We are a pure-play intelligence shop.
Training dates and locations here
Since 2002, Treadstone 71 delivers intelligence training, strategic, operational, and tactical intelligence consulting, and research. We provide a seamless extension of your organization efficiently and effectively moving your organization to cyber intelligence program maturity. Our training, established in 2008, follows intelligence community standards as applied to the ever-changing threat environment delivering forecasts and estimates as intelligence intends. From baseline research to adversary targeted advisories and dossiers, Treadstone 71 products align with your intelligence requirements. We do not follow the create once and deliver many model. We contextually tie our products to your needs. Intelligence is our only business.
- We use intuition, structured techniques, and years of experience.
- We supply intelligence based on clearly defined requirements.
- We do not assign five people to do a job only one with experience.
- We do not bid base bones only to change order you to overspending.
We are known for our ability to:
- Anticipate key target or threat activities that are likely to prompt a leadership decision.
- Aid in coordinating, validating, and managing collection requirements, plans, and activities.
- Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives as related to designated cyber operations warning problem sets.
- Produce timely, fused, all-source cyber operations intelligence and indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
- Provide intelligence analysis and support to designated exercises, planning activities, and time-sensitive operations.
- Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or no precedent exists.
- Recognize and mitigate deception in reporting and analysis.
Assess intelligence, recommend targets to support operational objectives. - Assess target vulnerabilities and capabilities to determine a course of action.
- Assist in the development of priority information requirements.
- Enable synchronization of intelligence support plans across the supply chain.
- ...and Review and understand organizational leadership objectives and planning guidance non-inclusively.