Treadstone 71 Announces Cyber Intelligence Capability Maturity Model

Treadstone 71 developed a maturity model to help organizations determine the maturity of their cyber intelligence initiatives against the cyber intelligence common body of knowledge (CICBOK). The model provides strategic and operational aspects of your cyber intelligence maturity, where it needs to go, and where you should concentrate your attention to create more value for your business. Nearly 8 years in the making, the Treadstone 71 Cyber Intelligence Maturity Model uses traditional tradecraft as delivered by Sherman Kent and Richards Heuer, intelligence community standards, analytic standards, and experiential knowledge derived from years of training, assessing, and building cyber intelligence programs.

The Treadstone 71 Cyber Intelligence Capability Maturity Model (T71-CICMM) is a methodology used to develop and refine an organization’s cyber intelligence program. Not only is the model educational and practical skills for learning and developing expertise, but also a roadmap for building a cyber intelligence program. More information is available here:

Treadstone 71 Cyber Intelligence Maturity Model

T71CICMM.png

Featured post

It has not changed – Russian Maskirovka – Denial and Deception

I keep a vigil in a wilderness of mirrors
Where nothing here is ever what it seems

Yuri Nosenko

yuri

“Instead of being relieved to hear that the Soviets had not been involved in the assassination, James Jesus Angleton, the C.I.A.’s legendarily suspicious counterintelligence chief, and others in the spy trade thought Mr. Nosenko’s apparent defection was a trick.”

http://www.planetreg.com/T71IntelTraining including Cyber Counterintelligence Tradecraft 

“After all, the agency had suffered a series of setbacks, including the unmasking and execution of two Russian intelligence officials who had been spying for the C.I.A. inside the Soviet Union.”

Not much has changed with respect to Russian counterintelligence activities but for the medium of use. The Internet affords great opportunities for denial and deception, counterdenial and counterdeception, ruses, feints, doubleplays, and other methods of manipulation and influence management. Want to learn more? Try Treadstone 71’s Cyber Counterintelligence Tradecraft Certification – http://www.planetreg.com/T71IntelTraining

http://www.washingtonpost.com/wp-dyn/content/article/2008/08/26/AR2008082603493

htmlhttp://mcadams.posc.mu.edu/russ/jfkinfo/jfk8/hscanpol.htm2017-04-28_7-19-37

Featured post

Training Report – Treadstone 71 Cyber Intelligence Tradecraft Professional Certification

“This past week, I had the absolute pleasure of attending the 5-day Treadstone 71 Cyber Intelligence Tradecraft Professional Certification course along with three of my colleagues.  Mr. Jeff Bardin was the instructor and his knowledge and depth in this area is exceptionally impressive!cyberintelt71

The training allows students to gain a better understanding of the cyber intelligence life cycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course. In addition, students understand: the methods of online anonymity, the fundamentals behind cyber intelligence collection and analysis, and how these current methods can be employed in our organizations to assist in online operational security and in defense against adversaries. The course was a combination of lecture, hands-on and student deliverables seen by many as an apprenticeship. We completed 4 case studies throughout the week in varying subjects such as Iranian hackers, high financial networks, Russian SCADA equipment, etc.

I would highly recommend this course to anyone looking to further their knowledge in the cyber area.  It will also allow you to become a better intelligence analyst, as a whole.  Overall, it was a truly fantastic learning experience that is applicable in both our personal, as well as professional lives.  I most certainly have a new appreciation for online security and safety.” – Recently certified student February 2017

Featured post

2017 Training Courses – Treadstone 71

2017 Training Dates

Main Page to Treadstone 71 Training – 2017

(or on demand including in-house or by location)

Treadstone 71 is working with FS-ISAC for training in London, Singapore, Malaysia, and Australia.

FS-ISAC Sponsored Courses:

Cyber Intelligence Tradecraft Training
3-7 April | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
8-12 May | London
More | Register
Cyber Intelligence Tradecraft Training
19-23 June | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
21-25 August | Reston, VA
More | Register

Featured post

Full Suite of Cyber-Threat Intelligence and Counterintelligence Courses Ready for Global Delivery

Treadstone 71 today announced a full suite of Cyber and Threat Intelligence and CounterIntelligence training courses. The courses drive the expansion of Treadstone 71’s accelerated, academically validated, intelligence training to global markets. Treadstone 71 delivers courses in California, Virginia, Canada, the United Kingdom, and the Netherlands and is set to expand to the Middle East and Asia later this year. (www.planetreg.com/T71IntelTraining)

Treadstone 71 offers a compelling business model that delivers rapid cyber and threat intelligence strategic planning, program build, and targeted training in sectors such as financial services, government, healthcare, energy, and other critical infrastructure verticals. Treadstone 71’s format, curriculum, and instruction model are helping meet critical global demand for cyber and threat intelligence and analysis expertise. Treadstone 71 training provide graduates with an attractive pathway to compensation increases, career progression, and much-needed attention to intelligence. The organization has been teaching cyber intelligence at the Master’s level and commercially for seven years. New courses include a focus on campaign management, the use of Tor, Tails, I2P, and Maltego as well as covering persona development and management. Students create a series of identities, character development, and dimensions, storyline, plot synopsis, story drive and limit, story weaving, applicability, scope, tools to be used, methods of interaction with other identities, engaging secondary characters, refining targeting while developing a campaign to gain street credentials.

“Our courses provide academic instruction combined with real-world, hands-on collection, analysis, analytic writing, dissemination, and briefings that many liken to an apprenticeship,” said Jeff Bardin, Chief Intelligence Officer for Treadstone 71. “Our curriculum follows the teachings of Sherman Kent and Richards Heuer giving students the tools necessary to perform targeted collection, structured analysis while authoring reports modeled after intelligence community standards. We teach methods of cyber infiltration, information and influence operations, counterintelligence strategies, mission based counterintelligence, denial and deception, and counter-denial and deception.”

Treadstone 71 courses are validated and proven by intelligence professionals creating job-ready threat intelligence professionals for global organizations suffering a talent shortage. “Intelligence analysis as an inherently intellectual activity that requires knowledge, judgment, and a degree of intuition,” continued Bardin. “Treadstone 71’s intelligence, counterintelligence, and clandestine cyber HUMINT training and services help organizations transform information into intelligence pertinent to their organization.”

Analysis includes integrating, evaluating, and analyzing all available data — which is often fragmented and even contradictory — and preparing intelligence products. Despite all the attention focused on the operational (collection) side of intelligence, analysis is the core of the process to inform corporate stakeholders. Analysis as more than just describing what is happening and why; identifying a range of opportunities… Intelligence Analysis is the key to making sense of the data and finding opportunities to take action. Analysis expands beyond the technical focus of today providing organizations with core capabilities for business, competitive, cyber, and threat intelligence.

Treadstone 71’s Cyber Intelligence Tradecraft Certification is the gold standard in the industry today derived from both academia and from Treadstone 71’s experience in building cyber intelligence programs at Fortune 500 organizations worldwide.

Treadstone 71

888.714.0071 – osint@treadstone71.comhttp://www.planetreg.com/T71IntelTraining

Featured post

We Are in a State of Cyber Cold War?

Wisdom begins with the definition of terms – Socrates

Many believe that we are not in some sort of state of cyber warfare. Many believe that it is only influence operations. These are the same people who are selling you security technologies and services to protect your environment. They believe calling our current state cyber war is hype. They fact that they believe this is demonstrated in their technologies that have double and triple downed on solutions that do not work. Solutions based solely on see, detect, and arrest. A paradigm proven over the past 20 years to be a paradigm of failure. The game of many a vendor (not all) is to generate revenue off your fear. A fear that can be remedied if we fix information security by first starting to fix information technology (see Cyber Security Predictions – Not Reality TV – Just Daytime Entertainment). One of the problems we have is standard taxonomy and glossary. Most do not have an understanding of the basics of intelligence and war. Most feel the need to apply physical characteristics to cyber actions in order for those actions to be taken as some sort of warfare. This is a major misnomer. My request here is for you to read the limited glossary items below. Once you have read these items, think of where we are today with respect to cyber security. If after reading and applying critical thinking to the terms and our current state of cyber security you do not believe we are in a state of cyber cold war, then provide some well thought out comments as to what state we are in fact in.

Information Operations (IO). The integrated employment of the core capabilities of electronic warfare, computer network operations, psychological operations, military deception, and operations security, in concert with specified supporting and related capabilities, to influence, disrupt, corrupt or usurp adversarial human and automated decision making while protecting our own. (JP 1-02)

           This includes five core capabilities incorporated into IO

  1. Electronic warfare is any action involving the use of the electromagnetic spectrum or directed energy to control the spectrum, attack of an enemy, or impede enemy assaults via the spectrum.
  2. Computer Network Operations (CNO)
    1. Comprised of computer network attack, computer network defense, and related computer network exploitation enabling operations (JP 1-02)
  3. Psychological operations
    1. Planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior of foreign governments, organizations, groups, and individuals. The purpose of psychological operations is to induce or reinforce foreign attitudes and behavior favorable to the originator’s objectives. (JP 1-02 and JP 3-13.2)
  4. Military Deception
    1. Actions executed to deliberately mislead adversary military decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission. (JP 1-02)
    2. According to JP 3-13.4, Counterintelligence provides the following for MILDEC planners:
    3. Identification and analysis of adversary intelligence systems to determine the best deception conduits;
    4. Establishment and control of deception conduits within the adversary intelligence system, also known as offensive CI operations;
    5. Participation in counterdeception operations;
    6. Identification and analysis of the adversary’s intelligence system and its susceptibility to deception and surprise; and
    7. Feedback regarding adversary intelligence system responses to deception operations.
  5. Operations Security

*******

Treadstone71 2017 Cyber Intel Courses – http://www.planetreg.com/T71IntelTraining

*******

OPSEC is a five-step iterative process that assists an organization in identifying specific pieces of information requiring protection and employing measures to protect them.

  1. Identification of Critical information: Critical information is information about friendly intentions, capabilities and activities that allow an adversary to plan effectively to disrupt their operations. U.S. Army Regulation 530-1 has redefined Critical Information into four broad categories, using the acronym CALI- Capabilities, Activities, Limitations (including vulnerabilities), and Intentions.This step results in the creation of a Critical Information List (CIL). This allows the organization for focus resources on vital information, rather than attempting to protect all classified or sensitive unclassified information. Critical information may include, but is not limited to, military deployment schedules, internal organizational information, details of security measures, etc.
  2. Analysis of Threats: A Threat comes from an adversary – any individual or group that may attempt to disrupt or compromise a friendly activity. Threat is further divided into adversaries with intent and capability. The greater the combined intent and capability of the adversary, the greater the threat. This step uses multiple sources, such as intelligence activities, law enforcement, and open source information to identify likely adversaries to a planned operation and prioritize their degree of threat.
  3. Analysis of Vulnerabilities: Examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary’s intelligence collection capabilities identified in the previous action. Threat can be thought of as the strength of the adversaries, while vulnerability can be thought of as the weakness of friendly organizations.
  4. Assessment of Risk: First, planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Second, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff. Risk is calculated based on the probability of Critical Information release and the impact if such as release occurs. Probability is further subdivided into the level of threat and the level of vulnerability. The core premise of the subdivision is that the probability of compromise is greatest when the threat is very capable and dedicated, while friendly organizations are simultaneously exposed.
  5. Application of Appropriate OPSEC Measures: The command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans. Countermeasures must be continually monitored to ensure that they continue to protect current information against relevant threats.The U.S. Army Regulation 530-1 refers to “Measures” as the overarching term, with categories of “Action Control” (controlling one’s own actions); “Countermeasures” (countering adversary intelligence collection); and “Counteranalysis” (creating difficulty for adversary analysts seeking to predict friendly intent) as tools to help an OPSEC professional protect Critical Information.

Offensive Cyber Operations. Programs and activities that through the use of cyberspace, 1) actively gather information from computers, information systems or networks or 20 manipulate, disrupt, deny, degrade, or destroy targeted adversary computers, information systems, or networks. (NSPD-38)

Cold War – a state of political hostility between countries characterized by threats, propaganda, and other measures short of open warfare – a conflict or dispute between two groups that does not involve actual fighting.

2017-01-16_18-37-11.jpg

Cyber War – the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation’s computers or information networks through, for example, computer viruses or denial-of-service attacks.

Try this link for more definitions https://ccdcoe.org/cyber-definitions.html

To repeat. think of where we are today with respect to cyber security. Apply critical thinking to the terms and our current state of cyber security. Assess our relationship with Russia. Provide some well thought out comments as to what state we are in fact in if you believe we are not in a state of cyber cold war with Russia. If we are not, then how would you define our current state?

Treadstone 71

 

 

 

Featured post

Blog at WordPress.com.

Up ↑

%d bloggers like this: