OVERVIEW

The Certified Threat Intelligence Analyst (CTIA) programme was created in conjunction with cybersecurity and threat intelligence specialists from across the world to assist enterprises in identifying and mitigating business risks by transforming unknown internal and external threats into recognised dangers. It is an in-depth, specialist-level training that provides a systematic strategy to developing effective threat intelligence.

CTIA is a necessary programme for professionals who deal with cyber risks on a daily basis in the ever-changing threat landscape. Today’s organisations require a professional-level cybersecurity threat intelligence analyst who can extract insight from data using a variety of advanced methodologies. Such professional-level programmes can only be realised if the core of the curriculum maps to and is consistent with threat intelligence frameworks established by the government and industry.

Course Outline

• Introduction to Threat Intelligence
• Cyber Threats and Kill Chain Methodology
• Requirements, Planning, Direction, and Review
• Data Collection and Processing
• Data Analysis
• Intelligence Reporting and Dissemination

Course Objective

This Certified Threat Intelligence Analyst training and certification aim to explain expertly:

• Primary issues threatening the information security world
• Role of threat intelligence
• Implementing threat intelligence in risk management, incident response, and SIEM
• Cyber threats and threat factors
• Objectives of diverse cybersecurity attacks
• Basics of threat intelligence including types, capabilities, strategy, lifecycle, maturity model, and frameworks
• Implementing the cyber kill chain methodology
• Advanced Persistent Threat (APT) lifecycle
• Tactics, Techniques, and Procedures (TTPs)
• Indicators of Compromise (IOS) and the pyramid of pain
• Steps to Planning a threat intelligence program including taking requirements, planning, directing, and review
• Types of data feeds and methods to collect data
• Threat intelligence data collection by using Cyber Counterintelligence (CCI), Open Source Intelligence (OSINT), Human Intelligence (HUMINT), and Indicators of Compromise (IOS)
• Bulk data collection, data structuring, processing, normalizing, sampling, storing, and creating visualizations
• Types of data analysis techniques such as Statistical Data Analysis, Analysis Structured Analysis of Competing Hypotheses (SACH), and of Competing Hypotheses (ACH)
• Threat analysis process including threat modeling, evaluation, fine-tuning, creating a knowledge base and runbook
• Threat intelligence dissemination, dissemination preferences
• Intelligence collaboration and Malware analysis
• Types of TI exchange and threat intelligence sharing formats
• Tools for threat intelligence, threat modeling, data analysis
• Disseminating threat intelligence and sharing protocols, dissemination preferences, sharing rules and models, intelligence collaboration
• TI exchange architecture and types, sharing relationships
• threat intelligence standards and formats for sharing
• Threat intelligence reporting
• Platforms and regulations to share operational, strategic, tactical, and technical intelligence