Course Description

TIA-210 Cyber Threat Intelligence Essentials is a dynamic and engaging two-day course designed to transform professionals into skilled practitioners of cyber threat intelligence. Through interactive case studies, real-world intelligence scenarios, and immersive hands-on exercises, participants will master essential concepts ranging from strategic and operational intelligence to the Cyber Kill Chain, MITRE ATT&CK, and advanced analysis frameworks such as the Diamond Model. Ideal for analysts, responders, managers, and leaders, this course will equip you to confidently interpret and leverage threat intelligence, enhance cybersecurity operations, and strategically mature your organization's intelligence capabilities. Upon successful completion, you'll earn a certificate validating your expertise in effectively managing and utilizing cyber threat intelligence.
Contact to Schedule a Live Course

Course curriculum

    1. An Introduction to Cyber Threat Intelligence

    2. Strategic Threat Intelligence

    3. Operational Threat Intelligence

    4. Cyber Kill Chain

    5. Cyber Threat Behaviors and MITRE ATT&CK

    6. Diamond Model of Intrusion Analysis

    7. Tactical Threat Intelligence

    8. Technical Threat Intelligence, Indicators, and Threat Detection

    9. Reading Threat Intelligence

    10. Threat Groups

    11. Hypothesis Driven Analysis

    12. Cyber Threat Intelligence Mapping

    1. The Intelligence Cycle

    2. Intelligence Requirements

    3. Intelligence Quality and Evaluation

    4. Collecting External Threat Intelligence

    5. Principles of Intelligence Sharing

    6. Collecting Internal Threat Intelligence

    7. Building a Collection Strategy

    8. Cyber Threat Attribution

    9. Improving Cybersecurity Management with Threat Intelligence

    10. Improving Cybersecurity Management with Threat Intelligence

    11. Improving Cybersecurity Operations with Threat Intelligence

    12. Maturing an Intelligence Program and Measuring Its Effectiveness and Value
  • 24 lessons

Learning Objectives

Learn how to collect, understand, use, and measure cyber threat intelligence.

  • The student understands and can articulate the unique value of cyber threat intelligence across all cybersecurity functions to leaders and decision-makers.

  • The students can create elementary intelligence requirements for themselves and others.

  • The student understands how to find and evaluate threat intelligence that meets their specific mission, business, and operational requirements.

  • The student can maximize the utilization of every piece of intelligence and measure its value (i.e., achieve positive intelligence ROI).

  • The student can communicate threat intelligence findings to others in the context of mission and function.

  • The student understands the function of a broader business, government, and organizational sharing ecosystem and the rules and norms of intelligence sharing.

Who Should Take TIA-210 Cyber Threat Intelligence Essentials

  • Cybersecurity Practitioners

    TIA-210 Cyber Threat Intelligence Essentials equips you with versatile and comprehensive intelligence skills to collect, evaluate, and integrate intelligence into your roles and responsibilities creating a measurable difference in your organization's cybersecurity.

  • Cybersecurity Leaders

    TIA-210 Cyber Threat Intelligence Essentials enables leaders to strategically enhance your organization's threat intelligence maturity, operational resilience, and informed decision-making.

  • Cybersecurity Customer Product and Sales Professionals

    TIA-210 Cyber Threat Intelligence Essentials equips you with critical insights to confidently engage customers, articulate threat intelligence value, and differentiate your solutions in the marketplace.

Instructor(s)

Lead Instructor Sergio Caltagirone

Sergio Caltagirone, widely recognized as the "Godfather of Threat Intelligence," is uniquely qualified as the leading expert in the field, having pioneered numerous threat intelligence initiatives in both public and private sectors. His influential contributions, including hundreds of groundbreaking publications and presentations, have significantly advanced global understanding and practice of threat intelligence. Sergio co-created the widely-adopted Diamond Model of Intrusion Analysis, empowering thousands of cybersecurity professionals worldwide to effectively hunt and disrupt adversaries. With nine years of distinguished service as the lead threat intelligence analyst at the US National Security Agency, Sergio expertly tracked and countered the world's most advanced cyber threats. Following his tenure at NSA, he established Microsoft's comprehensive threat intelligence capability, defending over 1 billion global customers while simultaneously integrating intelligence throughout the Microsoft ecosystem and launching both Microsoft Defender and Azure Sentinel products. Subsequently, Sergio founded and led the world's premier industrial control system threat intelligence team at Dragos, protecting critical infrastructures such as electric power grids, water systems, oil and gas facilities, and manufacturing plants worldwide. Currently, Sergio shares his unmatched expertise as a Professor of Practice at the Georgia Institute of Technology, teaching cybersecurity courses in both the School of Public Policy and the College of Computing. He further demonstrates his deep commitment to humanitarian cybersecurity as a member of the International Committee of the Red Cross cybersecurity experts committee. Sergio’s unparalleled experience and industry leadership make him the foremost authority in teaching threat intelligence.