All too often we see organizations receive information on threat actors only to point-and-shoot when it comes to collection. There is little to no structure in this critical task that drives all intelligence production, analysis, and analytic writing.

ON-DEMAND COURSE 

This course prepares the organization’s designated intelligence professional as the person in charge of managing collection planning, staffing, targeting, ensuring integrated, synchronized, and deconflicted collection actions. As information is received from internal requests for information, analysis of existing data, information, and intelligence on the subject in question, the collection manager correlates and determine gaps in preparing the collection plan. This course prepares students in the development of collection requirements, designed to maximize the effectiveness of your limited resources covering what may seem as vast areas of online targets. The course assists the collection manager in determining where to look when to look, and what to look for. We provide students with situation and event templates, how to fill them out, how to manage the ever-changing problem iteratively, and how to establish collection priorities base on the courses of action the threat actor may likely adopt.

The collection manager works with the intelligence and priority intelligence requirements to develop the collection plan translating these into specific information requirements used to provide targeting while managing the availability and capabilities of the collection/research team.

The course prepares the collection manager with the following non-inclusively:

  • Collection Planning Screening Sources
  • Interpretation of Stakeholder Needs Data Segmentation and Prioritization
  • Intelligence Requirements Establishing a program of record
  • Essential elements of information Targeting
  • Analysis of requirements against the existing knowledge base Open Source Collection
  • What do you have? Tools, Methods, Resources
  • What do you not have? Using the TIP
  • What is the gap? Vendor Report Reviews
  • Where and how will you acquire that data? Threat Intelligence Platform Use and Data Extraction
  • How much time do you have? Tagging strategies
  • STEMPLES Plus – Strategic Analysis
  • What skills do you have to accomplish the task? Rules of Engagement
  • What skills do you not have? Escalation Guidelines and Rules
  • Mission and Requirements Management Passive Collection
  • Convert RFI’s to collection requirements Observables
  • Data Provenance
  • Collection Manager Communications and Sharing
  • Support to Leadership
  • Purpose of Stakeholder Analysis
  • Questions used to organize your products
  • Know your customer checklist
  • Getting started checklist
  • High-level process overview
    • How to Communicate Up
  • Steps to follow
    • Sample Invitation Letter
  • Strategic Questioning and Listening
    • Active and Empathic Listening
  • Stakeholder Collection and Tracking Model
    • Reporting formats for real-time interaction
    • Choices of visual support materials
    • Stakeholder Impact and Influence
  • Stakeholder Tracking
  • Priority Intelligence Requirements (PIR) – What are they?
    • Intelligence Requirements
  • Common Adversaries
  • Information Requirements Process Flow
    • Intelligence Requirements
    • Essential Elements of Information
    • Specific Information Requirements
    • Indicators
    • The Overall IR Process Flow
  • Targeting – Intelligence Collection
  • Information Required Prior to Intelligence Requirements
  • Prioritization
    • What is an Intelligence Requirement
    • What is a Priority Intelligence Requirement
    • Prioritization continued
  • Collector/Analyst Need to Understand
  • Stakeholder knowledge of their systems and data
  • Intelligence Team Priority Intelligence Requirements Examples
  • Collection – Research RACI
  • Indicators and Warnings
  • Intelligence Requirements Tracking
  • Get them to requirements
  • What is D3A?
  • D3A Targeting Requirements
    • Adversary Identification
    • Breakdown
  • Bring in Stakeholder Requirements
  • What is F3EAD?
  • The D3A/F3EAD Integrated Process
    • Aligned to the Cyber Threat Intelligence Lifecycle
    • Integrated Lifecycle Breakdown
    • The Full Lifecycle
    • The Treadstone 71 D3A and F3EAD Diagram and Intel Lifecycle
  • Logical Adversaries to Intelligence Requirement Development
    • Building Threat Matrices
    • Simple to Complex
    • Inclusion of ATT&CK Groups aligned to Nation-States
  • Threat Matrices
    • Simple to Complex
  • Wrap-up // Q&A
  • The Six Categories – ASCOPE
    • Area
    • Structures
    • Capabilities
    • Organizations
    • People
    • Events
  • D3A Targeting F3EAD
  • STEMPLES Plus
    • Social
    • Technical
    • Economic
    • Military
    • Political
    • Legal/Legislative
    • Educational
    • Security
    • PLUS
    • Religion
    • Demographics
    • Linguistics
    • Psychological
    • Other
  • Indicators of change
    • Motive thru Capabilities
      • Levels of Concern
      • Examples
  • Hofstede Principles
    • Power and Distance
    • Individualism and Collectivism
    • Masculinity and Femininity
    • Uncertainty Avoidance
    • Long Term and Short Term
    • Indulgence and Restraint
    • Hofstede Country Comparison Exercise
  • Strategic Analysis with STEMPLES
  • Indicators – Indicators of Change Matrices
  • STEMPLES Plus Template and Example
  • Definition
  • Requirements Management
  • Mission Management
    • Mission Analysis
    • Gaps
  • Collection Planning
    • Simplified Process
  • Collection Strategy
    • Intelligence Collection Synchronization
    • Red Team Support
    • Collection Tasking
  • Collection Operations
    • Principles
  • Collection Manager Tasks
    • Bringing in Intelligence Requirements
    • A Multidisciplinary Approach
    • Prioritization of Requirements
    • Available Assets
    • Iterative re-tasking Continuous monitoring of collection results
    • Anticipate collection requirements Meeting SIR requirements
  • Operational Security Rules (OPSEC)
    • Laptops and Access
    • Like a SCIF
    • The anonymity of your passive collection
    • List of items to consider
    • Standards and words to follow
    • Browser plug-ins / extensions
    • Recommended Software
    • Standard Desktop
  • Rules of Engagement (RoE)
    • Purpose
    • Pre-conditions required for RoE
    • Team Roles and Responsibilities
    • Use of Cyber Personas
    • Rules for the Rules
    • Internal and External Threats
    • Tools and Resources – High-Level
    • Escalation Cycle
  • Cyber Persona Methods and Techniques
    • Concepts – Logline
      • Establish the Logline – Create the Plot
    • Persona Archetypes
      • Archetype Review and Understanding
      • 16 Persona Motivations
      • Persona Perception
      • Persona Link Analysis
        • Types of Links to Consider
      • Persona Characterization
      • Persona Profile Sketch
      • Persona Tracking – Standard Fields
      • Persona First Steps
        • Memorable or not?
        • Dimensions
    • Twelve Essential Questions
    • Clandestine Cyber HUMINT - Screenplay
  • Request for Information
    • RFI Template
    • Request for Support
    • Data/Information dissemination
    • Coordinate with other internal and external sources
    • Validate preplanned collection tasks
    • Awareness of production and analysis status
    • Update adaptive collection plans
    • Redirects and information reporting to
    • Collection Planning Forms and Tracking Collection plan effectiveness
    • The Collection Manager’s Matrix Feedback loop
  • Complete a Plan
    • The Collection Plan Templates
    • Breakdown of the templates
      • PDF Form
      • Spreadsheet Collection Plan
      • Collection Tasking Worksheet
      • Intelligence Synchronization Matrix
    • Collection Manager Tasks Redux
    • Example completed plan
    • Iterative feedback – Constant communication
      • The Collection Manager’s Matrix Feedback loop
      • Converting intelligence-related information requirements into collection requirements Strategic, Tactical, Technical
  • Data Provenance - Dates/Times Collection Planning Process Flow and Metrics
  • Credibility / Validity / Relevance After-action reviews – at any time
    • Skimming / Speed Reading
    • Data Verification
    • Admiralty Scoring
      • Use and structure
    • Types of Evidence Collection Manager Oversight
    • Pitfalls in Evaluating Evidence
  • Intelligence Risk
  • Confidence Levels for your findings
  • Collection Plan Templates
  • Case Study Finals
  • Review
  • Q&A

Lecture, Hands-on, Apprenticeship, in-class exercises, student presentations, templates, course material - 40 CPE Online Course - 8 Weeks - www.cyberinteltrainingcenter.com

Event Date 08-26-2020
Event End Date 12-29-2027
Registration Start Date 05-20-2020
Capacity 999
Cut off date 08-26-2026
Individual Price $5,299.00

Contact Treadstone 71 Today for all your Cyber Intelligence needs.

CONTACT US TODAY