Building a Cyber Intelligence Program - Part 4

An in depth look at the different types of analysis and how they work in intelligence analysis.

Building Your Cyber Intelligence Program Part 4

The types of analysis, ranging from decomposition and link analysis to aggregation, recomposition, and synthesis, hold significant value in understanding complex systems and deriving meaningful insights. Each type of analysis contributes to a holistic understanding of the subject matter by employing different methodologies and techniques. Let's delve into each type and explain their value in detail:
Decomposition Analysis: Decomposition involves breaking down a complex system into its constituent parts or components. By understanding the individual elements and their relationships, we can gain insights into the functioning and behavior of the system as a whole. This analysis allows us to identify the key drivers or factors influencing the system and comprehend their interdependencies.
Link Analysis: Link analysis focuses on examining relationships and connections between various entities within a system. It helps identify patterns, associations, or dependencies among different elements. By visualizing and analyzing these links, we can uncover hidden insights, such as identifying influential entities or understanding network structures.
Aggregation Analysis: Aggregation involves combining data or information from different sources or levels of granularity to provide a broader perspective. By consolidating and summarizing data, we can identify overarching trends, patterns, or commonalities that may not be apparent at an individual level. Aggregation analysis helps us gain a macro-level understanding and make informed decisions based on comprehensive information.
Recomposition Analysis: Recomposition analysis involves synthesizing individual components or elements to reconstruct a system or create new configurations. By reassembling these parts in different ways, we can explore alternative scenarios or configurations and evaluate their potential outcomes. This analysis allows for experimentation and optimization by assessing the impact of different compositions on system performance.
Synthesis Analysis: Synthesis is the process of integrating diverse information, insights, or findings into a cohesive whole. It involves combining different perspectives, data sources, or analysis results to derive a comprehensive understanding or develop new knowledge. Synthesis analysis facilitates a holistic view by bringing together various viewpoints, enabling us to uncover deeper insights and formulate comprehensive strategies.
The value of these types of analysis (and several others covered in the short course) lies in their collective ability to provide a comprehensive understanding of complex systems. By employing decomposition, link analysis, aggregation, recomposition, and synthesis, we can navigate through intricate relationships, identify underlying patterns, and gain insights that might otherwise remain hidden. These analyses enable us to make informed decisions, develop effective strategies, and solve complex problems by leveraging a rich array of analytical techniques.


Your Instructor


Treadstone 71
Treadstone 71

Treadstone 71 is a woman and veteran-owned small business exclusively focused on cyber and threat intelligence consulting, services, and training. We are a pure-play intelligence shop.

Training dates and locations here

Since 2002, Treadstone 71 delivers intelligence training, strategic, operational, and tactical intelligence consulting, and research. We provide a seamless extension of your organization efficiently and effectively moving your organization to cyber intelligence program maturity. Our training, established in 2008, follows intelligence community standards as applied to the ever-changing threat environment delivering forecasts and estimates as intelligence intends. From baseline research to adversary targeted advisories and dossiers, Treadstone 71 products align with your intelligence requirements. We do not follow the create once and deliver many model. We contextually tie our products to your needs. Intelligence is our only business.

  • We use intuition, structured techniques, and years of experience.
  • We supply intelligence based on clearly defined requirements.
  • We do not assign five people to do a job only one with experience.
  • We do not bid base bones only to change order you to overspending.
We do not promise what we cannot deliver. We have walked in your shoes. We understand your pressures.

We are known for our ability to:

  • Anticipate key target or threat activities that are likely to prompt a leadership decision.
  • Aid in coordinating, validating, and managing collection requirements, plans, and activities.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives as related to designated cyber operations warning problem sets.
  • Produce timely, fused, all-source cyber operations intelligence and indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
  • Provide intelligence analysis and support to designated exercises, planning activities, and time-sensitive operations.
  • Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or no precedent exists.
  • Recognize and mitigate deception in reporting and analysis.
    Assess intelligence, recommend targets to support operational objectives.
  • Assess target vulnerabilities and capabilities to determine a course of action.
  • Assist in the development of priority information requirements.
  • Enable synchronization of intelligence support plans across the supply chain.
  • ...and Review and understand organizational leadership objectives and planning guidance non-inclusively.

Course Curriculum


  Building a Cyber Intelligence Program - Part 4
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts upon enrollment. This short course should take no more than a week at the longest.
How long do I have access to the course?
12 months with access to over 100 artifacts, the primary consultant, lectures, methods, process flows, procedures, matrices, policies, and plans. All are from our library built from nearly 15 years of cyber intelligence program builds. We have built them in insurance companies, banks, financial services firms, cybersecurity companies, hospitals, and more. This is what is available when taking all short courses associated with the full program.

Part 1 is now open for enrollment.

Get started now!