FISMA Training - The NIST Series

NIST is coming out with new standards, updates to existing guidelines and new guidelines at a much faster rate than in previous years. Threats continue to morph, audit requirements continue to become more stringent, and CyberScope questions and audit recommendations from the previous year are being addressed while the agency awaits the 'late' arrival of new CyberScope questions for the existing year (even 5 to 6 RMFmonths into the Fiscal Year).

As the new guidance from NIST is released, many organizations do not have time to review the extensive documents and come up with a strategy to apply the guidance to their particular environments. In addition, many government agencies are so large and decentralized that many key security and agency staff do not get the message on the new standards and guidance. They are too busy with their day-to-day jobs to spend time understanding what the new information means to them.

In response to these issues, Treadstone 71 created the FISMA Focused Role Based Training. For example, our training covers all aspects of how to apply the risk management framework (RMF) as defined in NIST Special Publication 800- 37Rev1. We cover the six steps (Figure 1), roles and responsibilities, as well as how to apply the into your systems/software development lifecycle. We provide training on security program assessments as outlined in 800-100; in-depth information on how to apply and build an enterprise integrated risk management program through all three defined Tiers (800-39); the new risk management process as defined in 800-30Rev1; and the most difficult that seems to be giving many organizations trouble - defining, applying and integrating continuous monitoring through all three Tiers and control types (managerial, technical and operational) so a cohesive approach is applied. We even provide training on how best to interface with the office of inspector general (OIG) and other auditors. Treadstone 71 believes this interface and relationship should be not only amicable but also symbiotic in nature.

Contract Treadstone 71 to find out how we can help you educate your staff, integrated the new guidelines while getting ready for the next OIG audit.

Call today 1-888-714-0071 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.

Cyber CounterIntelligence Training

This course presents the student with foundational concepts and processes in the discipline of cyber counterintelligence with a focus on cyber counterintelligence missions, defensive counterintelligence, offensive counterintelligence, and counterespionage as these realms apply to traditional tradecraft, and how they are or will evolve into the cyber domain. Mitigative and retributive counterstriking is covered. An understanding of deception demonstrates the need for counterdeception as a necessary activity in the intelligence process to penetrate an adversary’s methods of concealment and deceit. 

The course follows the fundamental principles of deception, namely truth, denial, deceit, and misdirection, attempting to provide a basic framework for understanding the mechanics of deception, developing approaches for detecting and countering deception, and providing for a corresponding set of counterdeception principles. We review the cognitive vulnerabilities that are exploited by deception by way of biases and manipulation of human perceptions and beliefs. The cognitive aspects of human perception, judgment and reasoning are explored to provide a foundation from which to develop a set of counterdeception principles. The course examines the technical and non-technical methods of deception, evaluating such applications as technical and strategic cyber sensors, signal and information systems  human deception channels (PSYOPs, HUMINT) on the Internet.t71cyberrecon 

By starting with traditional counterintelligence and progressing to cyber counterintelligence, the student will develop an appreciation for collection efforts, exploitation of potential threats, insider concerns, and the risks and benefits of counterintelligence. With the expanding importance on comprehensive and timely need for intelligence for nations as well as businesses, the student will explore the essential elements that make up the intelligence cycle with a focus on how these pivotal points are exploited. 

Counterintelligence investigations, operations, collection, analysis, production, and dynamic functional CI services will be employed in support of appropriate information operations activities to detect and mitigate foreign intelligence, hacker, and insider threats to information and information systems.

As part of this class the exploration of the continued importance of critical thinking as well as out-of ¬the-box analysis will be heavily leveraged to improve the critical-thinking skills of the students. As cyber topics continue to evolve, the increased importance of cyber intelligence is growing and as such the protection of our intelligence cycles will expand as well; emphasizing the growing need to ensure our processes are not compromised in a cyber-dominated landscape. Cyber counterintelligence is one aspect and possibly one of the most crucial topics at the core of protecting our collection efforts. Legal, ethical, and privacy issues will be discussed given the inherent nature of the intelligence cycle. The potential for active defense or offensive cyber counterintelligence operations will be covered. The course will rely heavily on individual research and group discussion to explore the world of cyber counterintelligence, and where applicable, make use of the student’s ability to do independent thinking and analysis of in-class problems assigned through weekly discussion threads.

Call today 1-888-714-0071 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.

Cyber Crime Training

This course provides an look into the technical aspects of computer cybercrime investigations. It correlates cyber situations with that of traditional investigations while focusing on the threats and attacks that are used by terrorists and criminals. Counter tactics as well as methods to leverage the same tools, techniques, and processes for investigations will also be highlighted. It follows in sequence after cyber intelligence and cyber counterintelligence.
At the completion of this course, participants will be able to:

  • Understand the challenges of investigating cyber crimes
  • Develop an integral asymmetric mindset
  • Understand the multitude of legal, ethical, and privacy related issues associated with cybercrime investigations
  • Correlate and address the impact that the cyber realm has within the Criminal Justice field
  • Compare and contrast various theoretical and social perspectives used to explain cybercrime
  • Discuss and analyze the impact the cybercriminals can create on cybercrime victims, society and economic, as well as predicting emerging and controversial cybercrime issues
  • Apply cyber laws, regulations, and cybercrime-related legal concepts to explaining cybercrime activities
  • Explain important steps law enforcement use to investigate cybercrime cases and bring the cases to trial
  • Analyze the potential effectiveness of the federal government’s responses to addressing cybercrime and threat to critical information infrastructures
  • Understand the importance and use of Mutual Legal Assistance Treaties and Letters Rogatory
  • Cyber Criminal investigations objectives:  1) Determine if a crime was committed; 2) Collect information and evidence legally to identify who was responsible; 3) Apprehend the person responsible; 4) Recover stolen property; 5) Present the best possible case to the prosecutor; and 6) Provide clear, concise testimony.

Cyber Intelligence Training Class

Cyber Intelligence Training

This four day course examines Sherman Kent’s Analytic Doctrine from the cyber perspective as well as the availability and use of OSINT tools. Students will be able to understand the cyber intelligence lifecycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course. In addition, students will understand: the use methods of only anonymity, the fundamentals behind cyber intelligence collection and analysis and how these current methods can be employed in their organizations to assist in online operational security and in their defense against adversaries. The course is a combination of lecture, hands-on and student deliverables seen by many as an apprenticeship.t71arabic

Upon completion of the course, each student will be able to:

  1. Identify the differences and intersections between open source data, open source information and open source intelligence
  2. Understand the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course
  3. Understand the use of online anonymity
  4. Understand collection and analysis of online human intelligence, geospatial information, imagery intelligence, and cyber intelligence
  5. Understand the fundamentals behind cyber intelligence collection and analysis and how these current methods can be employed in their organizations for prevention
  6. Understand the basics of Analysis of Competing Hypotheses (ACH) tool and usage
  7. Gain the ability to use open source intelligence tools to target, collect, produce and analyze data points into actionable intelligence.
  8. Understand how to quickly examine the data for new targeting and potential immediate recommendations and/or opportunities
  9. Understand how to gather information based upon provided targets
  10. Understand how to use several OSINT tools for data collection
  11. Understand how to collect, product and analyze data that provides my organization with a valid view of its Cyber-OPSEC posture
  12. Understand what type of information my adversaries know about my organization and how students can use this to enhance organizational security postures and improve prevention through situational awareness

This class is for anyone wishing to learn about cyber intelligence concepts and methods using open source tools for operational security, infiltration, analysis, recommendations and opportunities presentations, that provide their organizations with immediate understanding of their Internet attack surface. Students wishing to understand adversarial methods and concepts surrounding the virtual manifestation of the traditional intelligence tradecraft are urged to attend.

Call today 1-888-714-0071 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.

Search Our Site

Treadstone 71 - We See What Others Cannot

The Cyber Intelligence Training delivered and created by Jeff Bardin adds rapid returns to both Cyber Intel Analysts, and Security Ops Centers.  Each student receives quality instruction and hands-on experience with today’s OSINT tools and intelligence tradecraft.  This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This 4.5-day class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team.  – Antonio, 

Fortune 100 Company

line2

Upcoming Classes

Current Courses (dates, locations, topics subject to change):
Cyber Intelligence Reston - October 2017 (October 16-20)


2018 Course Dates - Locations TBD
January 22-26 Cyber Intel - Amsterdam, NL

February 5-9 Cyber Intel - Tysons Corners Virginia
March 19-23 Cyber Intel - Chantilly Virginia
April 2-6 Cyber Intel - London, UK

April 30 – May 4 Cyber Counter - Los Angeles California

May 14-18 Cyber Intel - San Jose, CA
June 18-22 Cyber Intel - Reston, Virginia
Aug 13-17 Cyber Intel - Chicago, IL
Sep 17-21 - Cyber Intel - Boston, MA
Oct 15-19 Cyber Counter - Reston, VA
Nov 5-9 Cyber Intel - Denver, CO
Dec 3-7 Cyber Counter

Students and organizations taught (non-inclusively):

AIB, American Express, Capital One, Commonwealth Bank, Bank of America, ING, NCSC NL, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People's United Bank, Baupost Group, Bank of North Carolina, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Discover, Blackknight Financial Services, Intercontinental Exchange (ICE), Citizens Financial Group, Scottrade, MetLife, NY Life, Synchrony Financial, TD Ameritrade, National Reconnaissance Office, FBI, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, State of Florida, Deloitte, Ernst and Young, Mitsubishi, Tower Research, Geller & Company, KeyBank, Fannie Mae, BB&T, Aviation ISAC, JP Morgan Chase, Barclays, Nomura International, ING, Finance CERT Norway, BBVA, Santander, Bank of America, Equifax, BNY Mellon, OCC, Verizon, Vantiv, Bridgewater Associates, Bank of Canada, Credit Suisse, HSBC, International Exchange, Vista Equity Partners, Aetna, Betaalvereniging Nederland, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

Terms of Use - Privacy Policy - Course EULA

  Treadstone 71 Cyber Intelligence Services

  Treadstone 71 Expands Groundbreaking Services

 

Cyber Jihad - 2008-2011 Compilation Part 1

 

Cyber Jihad - 2008-2011 Compilation Part II

 

Iran Cyber Proxies and Capabilities 

Gaming as a Method of Jihadist Training

 

 

 

 

 

 

 

Treadstone 71 Cyber Intel Services / Training

Stuxnet