Introduction to Cyber Threat Intelligence (CTI) | Deloitte Academy | Deloite Netherlands


Introduction to Cyber Threat Intelligence (CTI)

From the basis of intelligence analysis to creating actionable insight into adversaries and their malicious activities.

CTI provides actionable intelligence that can identify attackers and their methodologies, and can translate these threats into business risks, all in written reports with terms that are meaningful for both technical and non-technical executives. Cyber Threat Intelligence is an essential force multiplier for decision making- as well as identifying, detecting and preventing targeted attack of your adversaries.

18 - 20 November 2019 | Amsterdam

Course objectives

During the 3 days of training you will learn what cyber threat intelligence is and how to use it as a force multiplier –You will learn how to perform qualitative analysis focusing on how to interpret and understand data within the right context, writing and selecting data for different audiences (strategic, operational, tactical) and the difference between data, information and intelligence, as well as intelligence frameworks, attribution, intrusion sets and indicators. The course is filled with practical exercises to introduce you to the world of cyber threat intelligence and to bring you quickly up to speed or to refresh existing knowledge.

Course outline

  • Defining Cyber Threat Intelligence
  • Deep dive into how to apply the intelligence cycle for CyberThreat Intelligence
  • Setting up the Cyber Threat Intelligence program
  • Setting up intelligence requirements
  • Collection efforts; Social Media Intelligence (SOCMINT), Dark           Web Fora, Human Intelligence, Vendors, Internal Sources and    Tooling
  • Analytical techniques and relevant frameworks & knowledgebases
  • Creation of Intelligence products, language and writing
  • Dissemination and sharing mechanisms & metrics
  • Setting up your Cyber Threat Intelligence team
  • And many more fun stuff..

The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English


Follow up Modules

  • Intrusion Analysis: 2 day course providing you a thorough introduction to how to perform intrusion analysis effectively. Our 3 day introduction course does not contain detailed modules regarding intrusion analysis, these are delivered separately and together with our international team. This training module emphasizes how to effectively analyze intrusions, integrate them in your workflow and share our tips and tricks.
  • Data link analysis with Maltego: 2 day course providing you a thorough introduction with this powerful open-source intelligence tool to easily gather data and perform link analysis. This training module will focus on the basics of this tool, tips, tricks as well as some practical exercises.
  • Custom training programs: Obviously no intelligence team is the same. Each team is unique in terms of what specific knowledge they poses and want to improve on. We get that. To enable this, we also provide tailored training programs fitting your exact needs. Please contact Gert-Jan Bruggink or Karel de Zoete for more information.

Target group

The course is designed for professionals in the Cyber and/or Risk practice that are looking to strengthen their expertise in the field of Cyber Threat Intelligence. Emphasis in this course is given to the challenges of how Cyber Threat Intelligence can be utilized in an effective manner while in a corporate environment.

Participants will be required to participate actively in all sessions and to provide useful feedback to their peers. No strong technical background is required.

Participants should have affinity with Cyber Security and a clear desire to understand how to CTI in their daily efforts or their organisation.

Date & location

18 - 20 November 2019

15 - 17 June 2020

30 November - 2 December 2020


This course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.


The costs are € 1500 ex VAT. Catering (lunch) and course materials are included in the price.

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 18 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


Until four weeks before the start of the course you may cancel your participation by email free of charge, or you may propose to attend on another date. Should you cancel within four weeks before the start of the course you will have to pay the full course fee.

In the event of insufficient participants we reserve the right to cancel the course at any time or move the date of the event. If so, you will be informed in due time.


Karel de Zoete

Karel de Zoete


Within Deloitte Cyber Risk Services I’m focusing on Strategy, Risk Management and Transformations. I have a previous background in the banking and financial services industry, as well as public sector... More

Gert-Jan Bruggink

Gert-Jan Bruggink


Hi folks! My primary role at Deloitte is to assist leaders in making informed decisions by utilizing cyber threat intelligence. In addition to that I’m helping those leaders implement relevant and sus... More