This three-day course explains how to apply the discipline of intelligence analysis to the cyber domain. The course covers strategic subjects such as the organizational role of cyber threat intelligence (CTI) and stakeholder analysis, as well as analytic practitioner skills development topics, such as understanding the intelligence lifecycle, developing raw data into minimally viable intelligence, and an introduction to cyber intelligence attribution.
Learning Objectives
After completing this course, learners should be able to: • Clearly define cyber intelligence and the difference between intelligence and information, and articulate the role and importance of the cyber threat intelligence (CTI) capability • Describe how the Intelligence Cycle functions as the working model to operationalize intelligence • Explain the two modes of analytic thinking and the use of structured analytic techniques • Detail ways to counter analytic bias • Explain threat model concepts and why we use them • State the basics of malware composition • Describe how intelligence analysts convert raw threat data into actionable intelligence • Write well-structured intelligence reports and determine improvements to current communications
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- All-Source Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.