The Building & Enhancing Your CTI Program with Strategic Intelligence Analysis program is a 12-week intensive cyber threat intelligence certification that simultaneously trains strategic analysts and walks them through building or maturing a CTI program — covering data provenance with Hunchly, MITRE ATT&CK and Diamond Model integration, Treadstone 71's 30 Advanced Structured Analytic Techniques with AI, ODNI ICD 203 and ICD 206 alignment, STEMPLES Plus, Hofstede Principles, the Adaptive Intelligence Lifecycle, and full CTI organizational design (vision, mission, Cyber Intelligence Maturity Model, SOPs, TIP selection). Graduates produce decision-ready estimative forecasting, run formal Analysis of Competing Hypotheses, brief leadership using ICD 203-equivalent analytic writing standards, and deliver a complete cyber intelligence program design — IAFIE-aligned, NICCS-listed, and mapped to the NICE Workforce Framework for Threat Analysis, All-Source Analysis, and Cyber Defense Analysis work roles.
What You Will Learn
Strategic analyst tradecraft plus complete CTI program build across 12 intensive weeks
- Data provenance, OPSEC, and persona tradecraft — Hunchly-driven case workflows, persona Rules of Engagement, and the Treadstone 71 Adaptive Intelligence Lifecycle
- Technical threat framework integration — MITRE ATT&CK in depth (125+ minutes), the Cyber Kill Chain, the Diamond Model, and Blue / Red / Purple team intelligence flows
- Strategic Intelligence Analysis foundations — full five-part SIA curriculum, stakeholder analysis and tracking, intelligence requirements development, and adversary targeting at the program level
- Critical thinking and cognitive bias mitigation — 258 minutes of dedicated critical thinking instruction plus cognitive bias modules and applied debiasing exercises
- Analysis of Competing Hypotheses and 30 Advanced SATs with AI — Treadstone 71's proprietary 30 Advanced Structured Analytic Techniques integrated with generative AI for analytic acceleration without surrendering judgment
- STEMPLES Plus, Indicators of Change, and Hofstede Principles — strategic foresight framework for assessing adversary state-level capabilities, cultural patterns, and behavioral indicators
- ODNI-aligned analytic writing and reporting — ICD 203 Analytic Standards, ICD 206 Sourcing Requirements, BLUF and AIMS formatting, and strategic reporting templates for executive consumption
- Complete CTI program build — vision, mission, goals, objectives, Cyber Intelligence Maturity Model (CICMM), Standard Operating Procedures, Threat Intelligence Platform (TIP) selection, CTI organizational structure, argument mapping, and operational tabletop exercises
What You Will Be Able To Do After
Concrete operational and program-level capabilities upon completion
- Build or mature a complete Cyber Threat Intelligence program from vision through TIP selection and operational standup
- Produce estimative forecasting and warning intelligence assessments meeting ODNI ICD 203 and ICD 206 federal standards
- Apply Treadstone 71's 30 Advanced Structured Analytic Techniques with AI augmentation to contested and time-sensitive judgments
- Integrate MITRE ATT&CK, the Cyber Kill Chain, and the Diamond Model into intelligence-driven detection engineering and threat hunting workflows
- Run formal Analysis of Competing Hypotheses matrices, argument mapping sessions, and structured peer review of analytic products
- Design and document Cyber Intelligence Maturity Model assessments, Standard Operating Procedures, and CTI organizational structure aligned to stakeholder and mission requirements
- Conduct stakeholder analysis, intelligence requirements development, and adversary targeting at the program level with documented priority information requirements (PIRs)
- Brief executive and operational leadership using ICD 203-aligned confidence language, BLUF and AIMS-formatted products, and decision-ready recommendations mapped to NICE Workforce Framework roles
Who This Is For
- CTI program leads building a new cyber threat intelligence function or maturing an existing one against the Cyber Intelligence Maturity Model
- Strategic intelligence analysts moving from indicator-driven reporting into estimative forecasting and program-level analytic work
- Security leaders and CISOs sponsoring CTI program build engagements or running maturity assessments against federal standards
- SOC managers and detection engineering leads integrating MITRE ATT&CK and intelligence-driven detection workflows under a formal CTI program
- Federal civilian and defense analysts requiring ODNI ICD 203 / ICD 206 alignment and NICE Workforce Framework mapping for Threat Analysis, All-Source Analysis, or Cyber Defense Analysis roles
- Consultants and advisory practitioners delivering CTI program build or maturity assessment engagements to commercial or government clients
- Cross-discipline analysts from military intelligence, financial crimes, or law enforcement transitioning into cyber-domain strategic analysis with program build responsibility
Prerequisites
- No formal prerequisites required — open enrollment, civilian-accessible (no clearance required)
- Recommended: foundational cyber intelligence, security analysis, or analytic discipline background; familiarity with the intelligence lifecycle
- Helpful: prior exposure to MITRE ATT&CK, basic SATs, OSINT tooling, or CTI program operations
- Technical: a workstation capable of running a browser, VPN, MS Office, OSINT tools, and generative AI assistants; corporate or institutional email address for enrollment validation
How This Program Differs From Other CTI Training
Most CTI training forces a choice — either learn to analyze (SANS FOR578, CTI certifications) or learn to build a program (vendor maturity workshops, advisory engagements). This 12-week intensive is the only program that does both simultaneously: graduates leave with strategic analyst tradecraft AND a complete CTI program design (vision, maturity model, SOPs, TIP selection, organizational structure) under explicit ODNI ICD 203 / ICD 206 federal alignment.
| Dimension | T71 CTI Program Build + Strategic Intel | Typical Alternative |
|---|---|---|
| Scope | Build a CTI program WHILE learning strategic analysis — 12-week intensive | Analyst training OR program build, never both |
| Federal alignment | ODNI ICD 203 (Analytic Standards) and ICD 206 (Sourcing Requirements) explicit | NIST CSF, ISO 27001, or compliance frameworks only |
| SAT depth | Treadstone 71's 30 Advanced Structured Analytic Techniques with AI integration | 2-4 SATs referenced, rarely with AI augmentation |
| Technical framework integration | MITRE ATT&CK in depth, Kill Chain, Diamond Model integrated with analytic tradecraft | Frameworks taught in isolation from analytic methodology |
| Strategic foresight | STEMPLES Plus, Indicators of Change, Hofstede Principles, Adaptive Intelligence Lifecycle | Not addressed |
| Program design deliverables | Vision, mission, CICMM maturity model, SOPs, TIP selection, CTI org structure | Not addressed or template-only |
| NICE Workforce Framework | Mapped to Threat Analysis, All-Source Analysis, Cyber Defense Analysis roles | Not mapped |
| Operational lineage | Built from T71's master's-level Utica College curriculum and 2002+ field operations | Recent vendor curriculum without operational heritage |
Treadstone 71 is a veteran-owned cyber intelligence firm operational since 2002, codifying CIA and DIA-style intelligence tradecraft for the cyber domain. The firm's foundational capability rests on a rare synthesis of United States Air Force cryptologic linguistics (Arabic and Russian), United States Army armored reconnaissance, academic study of Middle Eastern and Russian history, language, and political systems at Trinity College, Middlebury College, and Colgate University, and direct in-country immersion in Jeddah, Kingdom of Saudi Arabia during the formative years of the modern jihadist movement (1988–89). A Master of Science in Information Assurance from Norwich University extends the field tradecraft into enterprise-scale risk management. The aggregate methodology has been continuously refined across four continents of operational engagement.
Treadstone 71 was honored with the 2007 RSA Conference Award for Excellence in the Field of Security Practices and the 2007 SC Magazine Award for Best Security Team. Operational engagements span clandestine cyber HUMINT (including sustained adversary persona operations within Al-Qaeda and Taliban networks), real-time OSINT support to the Boston FBI following the 2013 Marathon bombing, FBI special-agent OSINT instruction, and senior-leader briefings at NATO Cooperative Cyber Defence Centre of Excellence (CyCon, Estonia), the United States Naval Academy, the Air Force Institute of Technology, and Johns Hopkins. Treadstone 71 is a founding member of the Cloud Security Alliance and holds board seats with Boston InfraGard, the Potomac Institute for Policy Studies, and the Journal of Law and Cyber Warfare.
From 2009 to 2014, Treadstone 71 codified field-tested clandestine cyber tradecraft into the first master's-level cyber intelligence curriculum, established at Utica College, with parallel instruction in Information Security Risk Management at Clark University. The Cyber Intel Training Center is the operational continuation of that curriculum — IAFIE-aligned, PHIA-standards-compliant, and listed in the CISA NICCS cybersecurity workforce development catalog. Treadstone 71 has authored or contributed to The Illusion of Due Diligence — Notes from the CISO Underground, Current and Emerging Trends in Cyber Operations, and multiple editions of the Computer Information Security Handbook, and appears as a primary subject-matter expert on CNN, CBS News, Fox News, BBC Radio, BBN, and i24News.
Need a CTI program built or matured for you rather than building it yourself? Treadstone 71's consulting practice delivers full Cyber Intelligence Program Build engagements end-to-end — vision through operational standup, maturity assessment against the Cyber Intelligence Maturity Model, and ongoing analyst mentorship.
Explore Cyber Intelligence Program Build at Treadstone 71 →Begin Your CTI Program Build & Strategic Intelligence Path
Self-paced enrollment with 12-month unlimited access (expandable upon request). Twelve weeks of structured curriculum delivering both strategic analyst tradecraft and a complete cyber intelligence program design.
$4,999 USD Installment plan available · 12% off with code TWELVEROFF at checkoutScroll up to use Teachable's enroll button, or contact info@treadstone71.com for enterprise / multi-seat licensing or government procurement inquiries.