Cyber Threat Intelligence Program Design Playbook

This 6-hour track introduces a four-phased approach to building a cyber threat intelligence (CTI) program from the ground up. Students will learn how to design, build, operate, and enhance intelligence operations. They will also benefit from the combined experience of more than a dozen full-time Mandiant Intelligence consultants, and receive guidance about adequately resourcing, tooling, and measuring performance. The track is divided into 3 courses, each about 2 hours long:

1. Designing and Building a CTI Program
2. Operating an Effective Intelligence Program
3. Optimizing an Efficient CTI Program

This course assumes students understand foundational intelligence terms and concepts including:

• What constitutes a threat, how cyber threats impact computing operations, and the damage cyber threats can inflict upon businesses
• Basic cybersecurity roles and functions, such as the Security Operations Center (SOC), Incident Response (IR), vulnerability management, and executive functions including Chief Information Security Officer (CISO) and Chief Technology Officer (CTO)

At the end of this course, the goal is for you to:

• Create a CTI program charter
• Develop a strategic roadmap to build your CTI program
• Identify the core competencies required for threat analysts
• Evaluate and satisfy stakeholder needs 
• Build a process to develop timely and relevant intelligence products
• Identify your CTI program’s technological needs and determine how to prioritize its most significant capabilities
• Measure your program’s effectiveness against organizational goals through key performance indicators and metrics
• Conduct a capability gap analysis to improve and enhance the program, including generative AI solutions

This course was designed by intelligence professionals for intelligence professionals, but most security-oriented roles will benefit. Decision-makers or executives with the authority to construct and alter core cybersecurity operations (no matter the current operational efficiency) may also benefit.

On-demand training.

6 hours (about 2 hours per course).

On-demand training can be accessed 24/7 from a standard web browser.

Students will require a computer or mobile device with internet access to attend this course.