Training Report – Treadstone 71 Cyber Intelligence Tradecraft Professional Certification

“This past week, I had the absolute pleasure of attending the 5-day Treadstone 71 Cyber Intelligence Tradecraft Professional Certification course along with three of my colleagues.  Mr. Jeff Bardin was the instructor and his knowledge and depth in this area is exceptionally impressive!cyberintelt71

The training allows students to gain a better understanding of the cyber intelligence life cycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course. In addition, students understand: the methods of online anonymity, the fundamentals behind cyber intelligence collection and analysis, and how these current methods can be employed in our organizations to assist in online operational security and in defense against adversaries. The course was a combination of lecture, hands-on and student deliverables seen by many as an apprenticeship. We completed 4 case studies throughout the week in varying subjects such as Iranian hackers, high financial networks, Russian SCADA equipment, etc.

I would highly recommend this course to anyone looking to further their knowledge in the cyber area.  It will also allow you to become a better intelligence analyst, as a whole.  Overall, it was a truly fantastic learning experience that is applicable in both our personal, as well as professional lives.  I most certainly have a new appreciation for online security and safety.” – Recently certified student February 2017

Featured post

2017 Training Courses – Treadstone 71

2017 Training Dates

Main Page to Treadstone 71 Training – 2017

(or on demand including in-house or by location)

Treadstone 71 is working with FS-ISAC for training in London, Singapore, Malaysia, and Australia.

FS-ISAC Sponsored Courses:

Cyber Intelligence Tradecraft Training
3-7 April | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
8-12 May | London
More | Register
Cyber Intelligence Tradecraft Training
19-23 June | Reston, VA
More | Register
Cyber Intelligence Tradecraft Training
21-25 August | Reston, VA
More | Register

Featured post

Full Suite of Cyber-Threat Intelligence and Counterintelligence Courses Ready for Global Delivery

Treadstone 71 today announced a full suite of Cyber and Threat Intelligence and CounterIntelligence training courses. The courses drive the expansion of Treadstone 71’s accelerated, academically validated, intelligence training to global markets. Treadstone 71 delivers courses in California, Virginia, Canada, the United Kingdom, and the Netherlands and is set to expand to the Middle East and Asia later this year. (www.planetreg.com/T71IntelTraining)

Treadstone 71 offers a compelling business model that delivers rapid cyber and threat intelligence strategic planning, program build, and targeted training in sectors such as financial services, government, healthcare, energy, and other critical infrastructure verticals. Treadstone 71’s format, curriculum, and instruction model are helping meet critical global demand for cyber and threat intelligence and analysis expertise. Treadstone 71 training provide graduates with an attractive pathway to compensation increases, career progression, and much-needed attention to intelligence. The organization has been teaching cyber intelligence at the Master’s level and commercially for seven years. New courses include a focus on campaign management, the use of Tor, Tails, I2P, and Maltego as well as covering persona development and management. Students create a series of identities, character development, and dimensions, storyline, plot synopsis, story drive and limit, story weaving, applicability, scope, tools to be used, methods of interaction with other identities, engaging secondary characters, refining targeting while developing a campaign to gain street credentials.

“Our courses provide academic instruction combined with real-world, hands-on collection, analysis, analytic writing, dissemination, and briefings that many liken to an apprenticeship,” said Jeff Bardin, Chief Intelligence Officer for Treadstone 71. “Our curriculum follows the teachings of Sherman Kent and Richards Heuer giving students the tools necessary to perform targeted collection, structured analysis while authoring reports modeled after intelligence community standards. We teach methods of cyber infiltration, information and influence operations, counterintelligence strategies, mission based counterintelligence, denial and deception, and counter-denial and deception.”

Treadstone 71 courses are validated and proven by intelligence professionals creating job-ready threat intelligence professionals for global organizations suffering a talent shortage. “Intelligence analysis as an inherently intellectual activity that requires knowledge, judgment, and a degree of intuition,” continued Bardin. “Treadstone 71’s intelligence, counterintelligence, and clandestine cyber HUMINT training and services help organizations transform information into intelligence pertinent to their organization.”

Analysis includes integrating, evaluating, and analyzing all available data — which is often fragmented and even contradictory — and preparing intelligence products. Despite all the attention focused on the operational (collection) side of intelligence, analysis is the core of the process to inform corporate stakeholders. Analysis as more than just describing what is happening and why; identifying a range of opportunities… Intelligence Analysis is the key to making sense of the data and finding opportunities to take action. Analysis expands beyond the technical focus of today providing organizations with core capabilities for business, competitive, cyber, and threat intelligence.

Treadstone 71’s Cyber Intelligence Tradecraft Certification is the gold standard in the industry today derived from both academia and from Treadstone 71’s experience in building cyber intelligence programs at Fortune 500 organizations worldwide.

Treadstone 71

888.714.0071 – osint@treadstone71.comhttp://www.planetreg.com/T71IntelTraining

Featured post

Cyber Security Predictions – Not Even Reality TV – Just Daytime Entertainment

The plethora of 2017 cyber security predictions do nothing but distract practitioners from executing actual controls and methods of defense and prevention. Each year we get slammed with predictions that are never followed, are common sense, and serve to market and sell products and services. The so-called information and cyber security experts, many times self-proclaimed, spew predictions on all potential areas. This is not much more than fake news and methods to direct readers to vendor products. The vendor products that claim to solve these predictions and therefore, become self-fulfilling prophecies. For the most part, once the predictions are published, the follow-up to their success is non-existent. Their purposes are to market and sell, drive perception, manage the market, and drive a false sense of vendor expertise.

We should focus on actual problem resolution and change the failed paradigm within which security exists. We continue to propagate vendor products and services that do not work, only treating the symptoms. This is not much different from the pharmaceutical industry that markets pills to you each evening during the news and prime time. Pills that treat symptoms and cause more side effects than they do solve issues. Advertisements that drive up the cost of the product manipulating the market and those that prescribe the ‘solutions’ to recommend purchase.

The only way we change this paradigm, and I mean we, is to push back on these vendors to solve problems and quit selling products that treat symptoms. We must also correct our own internal behaviors. A few weeks ago, I published a potential list of 12 items to change this paradigm (the 12th is a shameless plug so 11). They are listed below.

We need to forget the Jerry Springer-like entertainment of annual cyber predictions and focus on solving the hard problems we face.

What does Treadstone 71 seek? We seek an end to the noise and an understanding that our information, our intellectual property, and our way of life is under constant siege. We are in a cyber war with skirmishes and battles occurring 24×7. We need to direct the carpetbagging vendors to cease in their war profiteering and take a moral stance in fighting our adversaries. We also need to correct and adjust how we run IT and information security. The list of 11 is below. We welcome your comments, your additions, and your assistance in this call to action to change the failed paradigm.

Treadstone 71

  1. All CIOs must have served as a CISO for at least four years before being allowed to be a CIO.
  2. All CIOs must have a CISSP, CISM, and at least two technical information security certifications and have been thoroughly trained and qualified to be a CIO. No more cronyism.
  3. CISOs will never report to the CIO – conflict of interest and a recipe for … what we have now.
  4. If you are the administrator for a device, you secure that device (servers, routers, appliances, etc.). You are responsible and accountable – Secure what you own. Secure what you manage.
  5. CIOs and their leadership will be held liable for deploying vulnerable systems.
  6. All new products (IoT and beyond) must be certified secure before public release. No more figure it out as we go and bolt it on after we have consumers hooked.
  7. All root access / administrative rights for production, critical, supporting, etc., systems and devices are removed and granted only for approved changes and incidents.
  8. All written code and script must be written properly. There is no such thing as secure code, only code the works correctly and does not create vulnerabilities.

Treadstone 71 2017 Intelligence Training Courses – Sign up now or inquire about how to have us come onto your site to training.

  1. All operating systems will be shipped closed and installed closed with a risk rating system for each port, protocol, and service. Each modification reduces the security posture of the operating system providing a risk score while automatically offering advice on how to remediate that score with other controls.
  2. New regulations to enforce security and privacy, demanding disclosure of breaches,  fining companies and individuals for negligence are put in place, at once.
  3. Vendors posting adversary IoCs, TTPs, and other methods that would normally be seen as ‘telling the enemy what we know, i.e., sedition’ will be fined for such activity.
  4. You will tell yourselves over and over again that contracting with Treadstone 71 to build your cyber intelligence strategy and program is the absolute right thing to do (repeat after me …).

Decided to add a real 12:

  1. Let’s create a focused call to action to change the paradigm. Open to suggestions, dedicated forums, public push to change vendors, public push to force IT to change.

Call to Action!

Featured post

The 12 Days of Cyber Christmas

…or What I want for Cyber Security and Intelligence Christmas 2016

  1. All CIOs must have served as a CISO for at least 4 years before being allowed to be a CIO.
  2. All CIOs must have a CISSP, CISM, and at least 2 technical information security certifications and have been thoroughly trained and qualified to be a CIO. No more cronyism.
  3. CISOs will never report to the CIO – conflict of interest and a recipe for … what we have now.
  4. If you are the administrator for a device, you secure that device (servers, routers, appliances, etc.). You are responsible and accountable – Secure what you own. Secure what you manage.
  5. CIOs and their leadership will be held liable for deploying vulnerable systems.
  6. All new products (IoT and beyond) must be certified secure before public release. No more figure it out as we go and bolt it on after we have consumers hooked.
  7. All root access / administrative rights for production, critical, supporting, etc., systems and devices are removed and granted only for approved changes and incidents.
  8. All written code and script must be written properly. There is no such thing as secure code, only code the works correctly and does not create vulnerabilities.

Treadstone 71 2017 Intelligence Training Courses – Sign up now or inquire about how to have us come onto your site to training.

    9. All operating systems will be shipped closed and installed closed with a risk rating system for each port, protocol, and/or service. Each modification reduces the security posture of the operating system providing a risk score while automatically offering advice on how to remediate that score with other controls. 

    10. New regulations to enforce security and privacy, demanding disclosure of breaches,    fining companies and individuals for negligence are put in place, at once.

    11. Vendors posting adversary IoCs, TTPs, and other methods that would normally be seen as ‘telling the enemy what we know, i.e., sedition’ will be fined for such activity.

  12. You will tell yourselves over and over again that contracting with Treadstone 71 to build your cyber intelligence strategy and program is the absolute right thing to do (repeat after me …).

Merry Cyber Christmas from Treadstone 71

img_0668

Featured post

Clandestine Cyber HUMINT 

CLANDESTINE CYBER HUMINT/OSINT COURSE

Course snippet non-inclusive of Tails, Tor, Dark Net, and Oryon:

Treadstone 71 2017 Intelligence Training Courses – Sign up now or inquire about how to have us come onto your site to training.

Find the course information and registration here:

CLANDESTINE CYBER HUMINT/OSINT COURSE

…..

1. Anonymity
2. What is anonymity online?
3. Tails
1. What is Tails?
2. Tails and Tor Bridge Mode
3. Tor Project
1. Overview
2. Who uses Tor?
3. Tor – A Layman’s Guide
4. Tails – Tor enforcement
5. Tails Installation Assistant
6. Install from Windows
7. I2P Anonymous Network
8. Intro I2P

…..

4. Information Warfare and Cyber Psychological Operations
1. Target analysis and message manipulation where applicable
1. Gathered data
2. Organized and decomposed data points
a. Established timelines
b. Created adversary dossiers and organization charts

…..

5. Intro to the Darknet
5.1 Introduction to the Darknet (NOTE: Some/Many of the sites come and go and may not be available for review)
5.1.1 How to Access Onion Sites
5.1.2 Tor – Download, Installation, Use
5.1.3 Markets to Search
5.1.4 Site for Exploration:

 

…..

 

 

 

Featured post

Amsterdam, NL 1/30-2/3/2017 Cyber Intel Training

Registration Information – Treadstone 71 Cyber Intelligence Tradecraft Certification
Dates and Times TBD

https://cybershafarat.com/2016/07/31/intelligenceanalysis/

http://www.planetreg.com/intelAmsterdam to register for the course.

*********************************************************************
Cyber Intelligence Tradecraft Certification
Cyber CounterIntelligence Tradecraft Certification
Cyber Intelligence Analyst Certification

Upcoming Classes

*********************************************************************

 

Featured post

Proposed 2017 Training Dates – US

*********************************************************************

Cyber Intelligence Tradecraft Certification

Cyber CounterIntelligence Tradecraft Certification

Cyber Intelligence Analyst Certification

Upcoming Classes

t71-reflections-observations

Featured post

Blog at WordPress.com.

Up ↑

%d bloggers like this: