Cyber Threat Intelligence Essentials

TIA-210 Cyber Threat Intelligence Essentials

TIA 210 introduces cyber threat intelligence, focusing on real threats and derived intelligence. It covers finding, consuming, sharing, and using threat intelligence, with a brief overview of intelligence production.

Interested in this course? Email us at [email protected]

Course Description

This course is a short (14-16 hour) introduction to threat intelligence and provides the essentials to those who will see, consume, and share threat intelligence regularly in their job. Mastery of threat intelligence requires at least 160 hours of training. Therefore, this course is an introduction designed for those who find, share, evaluate, and use threat intelligence across the breadth of cybersecurity topics. This course is an excellent foundation focusing on the critical knowledge most professionals need for working competently with threat intelligence. Particularly for those who will encounter threat intelligence in their work weekly or, more often, interact with those who produce threat intelligence for their organization or as a first course for those who will be training further in threat intelligence. While many intelligence professionals spend their early training on intelligence production fundamentals, that approach tends to produce analysts deaf to decision-makers and intelligence consumers because they learn to produce intelligence before they learn how to use it. This course focuses instead on the principles of intelligence utilization useful for all professionals regardless of eventual role or track.

Contact to Schedule a Live Course

Learning Objectives

Learn how to collect, understand, use, and measure cyber threat intelligence.

The student understands and can articulate the unique value of cyber threat intelligence across all cybersecurity functions to leaders and decision-makers.
The students can create elementary intelligence requirements for themselves and others.
The student understands how to find and evaluate threat intelligence that meets their specific mission, business, and operational requirements.
The student can maximize the utilization of every piece of intelligence and measure its value (i.e., achieve positive intelligence ROI).
The student can communicate threat intelligence findings to others in the context of mission and function.
The student understands the function of a broader business, government, and organizational sharing ecosystem and the rules and norms of intelligence sharing.

Instructor(s)

Lead Instructor Sergio Caltagirone

Sergio Caltagirone has been called the "Godfather of Threat Intelligence" having built over a dozen threat intelligence teams in both public and private sector and leading the development of threat intelligence worldwide with hundreds of publications and presentations. He co-created the Diamond Model of Intrusion Analysis, helping thousands of others bring more pain to adversaries by strengthening hunters and analysts. He spent 9 years at the US National Security Agency as their lead threat intelligence analyst hunting and tracking the world's most sophisticated threats. He left NSA to build Microsoft's threat intelligence capability and practice protecting over 1 billion customers from cyber threats. Later, Sergio built and led the world's only dedicated industrial control system threat intelligence team at Dragos protecting electric power grids, water systems, oil and gas plants, and manufacturing worldwide. He furthers several humanitarian goals through membership on the International Committee of the Red Cross cybersecurity experts committee and serving as Technical Director for the Global Emancipation Network combating human trafficking on the internet globally.