High Level Benefits of the Cyber Intel Course
- Published: Saturday, 22 June 2013 18:44
This course examines Sherman Kent's Analytic Doctrine from the cyber perspective as well as the availability and use of OSINT tools. Students are able to understand the cyber intelligence lifecycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course and, use of our advisory services.
Corporations and other private sector agencies and organizations, increasingly aware of cyber threats, are adding departments and employees to help anticipate and fight cybercrimes, hacktivists, state and non-state actors. This can cost clients more than €8 million per day. Clients learn the cyber intelligence lifecycle.Clients study the role and value of cyber intelligence relative to their organization.Clients develop skills in online targeting and collection, in modern organizations, businesses, and governments.
Clients learn the methods of their adversaries. Time is of the essence when protecting your organization's critical information assets against cyber threats. At times, days or even months can pass before vulnerabilities in your environment are patched, increasing business risk and expanding the window of exposure.
The services use traditional intelligence tradecraft adopted for the Internet.
Clients understand the extent and depth of their Internet attack surface. (Treadstone 71 Intelligence Strategic Planning and Program Development)
Why do we need skills in cyber intelligence? Treadstone 71 works with clients to rapidly build effective and efficient intelligence capabilities. We have assisted organizations in the:
- Identification, collection, assessment, development, and dissemination of Internet-based open source intelligence within surface Internet, darknet in support of the protection of the businesses physical and infrastructure as well as staff and clients.
- Effectively managing, analyzing, extrapolating and visualizing salient data identified from multiple work streams and data sources including Internet-based open source intelligence research and bilateral investigations using relevant tools and methodology to produce high-quality analytical reporting.
- Providing actionable intelligence and operational support in the form of detailed high-quality Internet-based open source intelligence reporting in support of the businesses physical and infrastructure as well as staff and clients.
- Working with internal and external stakeholders (including law enforcement) to provide enhanced capabilities for the proactive identification and attribution of threats, activities and threat actors, including cyber criminal actors.
- Regularly communicating analysis in respect to physical and cyber threat campaigns, threat actors and threat evolution placing into context the resulting current and future threat to their organization.
- Developing innovative skills and capability to deliver team objectives.
- Contributing to the growth of the team’s operational capability and delivery by utilizing (self-learning if necessary) suitable tools and analysis.
- Managing and responding to stakeholder intelligence requirements, producing proper output for a range of audiences from Board level through to frontline staff.
- Developing and keeping relationships with a wide range of internal stakeholders and external partners, officials and peers.
Today we deal with data and data points. Methods of analysis are not used nor understood. Information Technology staff struggle delivering actionable information useful to organization leadership. In fact, the concept of what is actionable is difficult for staff to articulate. Below are current deficiencies organizations face understanding the data they receive and do not receive:
Data is technical in nature.
Data is dictated by nuances and bias of the technologies in place.
Data is used for detection.
Data is not effectively organized for analysis.
Analysis is limited to technical trending and patterns.
Analysis, if it occurs, does not follow rigor and standard methods.
Reporting to senior leadership does not address their concerns and needs.
Metrics are not actionable, timely or accurate.
Personal agendas are part of the reporting.
Alternatives are not considered.
Analytic bias are unconsciously included in reports skewing the results.
There is an unwillingness to consider other judgments.
Outside experts are not used.
Responsibility for the judgment(s) is not collective.
Sources are not validated for credibility.
Sources are not verified for relevance.
Data and information gaps are not understood or communicated.
Concepts surrounding critical thinking are foreign to IT organizations.
Admission of mistakes is limited and/or hidden.
Data and information is not usable or complete.
Cyber Intelligence Training and Services ensures clients:
Identify the differences and intersections between open source data, open source information and open source intelligence
Understand the role and value of cyber intelligence relative to online targeting and collection, in modern organizations.
Understand the use of online anonymity
Understand their Internet attack surface:
Methods to remediate attack surface issues
Step by step methods to implement the program
Ideas for policy and procedure changes
Integration with traditional technical penetration testing and threat vulnerability assessments
New methods that identifies least path of resistance
Understand collection and analysis of online human intelligence, geospatial information, imagery intelligence, and cyber intelligence (all source)
Know the fundamentals behind cyber intelligence collection and analysis
Deliver accurate reports on time with complete data
Remove bias from reporting
Build rigor and stand methods of intelligence into their programs
Quickly examine the data for new targeting and potential immediate recommendations and/or opportunities
Develop methods for critical thinking
Build skills and capabilities in OSINT tools for data collection
Move from see, detect and arrest to prevention and prediction
Align technical with social networking data.
Create information of value
Deliver actionable intelligence that is accurate and complete
Understanding link, trend, pattern, tendency, and anomaly analysis
Develop capabilities that anticipate adversarial actions
Reduce analytic cycle time
Provide leadership with recommendations and opportunities
Deliver the bottom line up front each time, every time
Cyber Intelligence Training and Program development assists organizations to:
- Drive strategy to define and deliver the analytic reporting;
- Expand intelligence team capabilities to aggregate data, information, and intelligence from both internal and external sources;
- Hold the organization to account to reflect the client and stakeholder perspectives into its everyday actions; and
- Create and embed the behavioral, target-based, analytic methods;
- understand methods to support the governance of external data collections required across the organization through provisioning of an ad-hoc collection service and managing organizational feedback questionnaire;
- Promote and embed organizational intelligence services including establishing and building processes, products, making the best use of technology, and building effective relationships;
- Make the most appropriate use of data and information to join up intelligence and engage with stakeholders across your organization to produce credible intelligence products;
- Manage effective engagements with internal stakeholders to gain an understanding of their requirements to deliver appropriate intelligence services and products;
- Promote any intelligence service and products; (Intelligence as a Force Multiplier)
- Find new, and managing existing, relationships with stakeholders;
- Engage with external contacts to build new and develop existing relationships with organizations, data providers, and technology vendors.
- Exploit existing resources and tools to shape credible intelligence and proactively seeking new ways to enhance and improve the intelligence service offerings;
- Improve processes, approaches, and tools to deliver the most efficient and effective service your organization;
- Support the cyber, threat, business, and competitive intelligence leads in managing the delivery of key products;
- Deliver presentations and training to support the team and internal stakeholders in understanding our intelligence services;
- Support and shape strategic technology requirements to support intelligence processes;
- Provide mentoring and coaching for colleagues and;
- Actively contribute to wider departmental intelligence activities and initiatives.
“The Cyber Intelligence Training delivered and created by Jeff Bardin adds rapid returns to both Cyber Intel Analysts, and Security Ops Centers. Each student receives quality instruction and hands-on experience with today’s OSINT tools and intelligence tradecraft. This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This 5-day class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team. – Student, Fortune 100 Company”