Summary

In this podcast episode, Elizabeth Dos Santos shares her journey from a 25-year career in the FBI, focusing on intelligence analysis and counter-terrorism, to the private sector, teaching intelligence.

She discusses the challenges she faced, the importance of communication skills, and her transition to the private sector. Elizabeth emphasizes the role of AI in intelligence, the need for critical thinking, and the significance of structured analytic techniques in training.

She also provides valuable advice for aspiring intelligence analysts, highlighting the importance of writing and presentation skills.

Takeaways

• Elizabeth Dos Santos has a rich background in intelligence, having worked for the FBI for nearly 25 years.
• Her journey into intelligence began through a suggestion from her father.
• She emphasizes the importance of communication skills in intelligence analysis.
• Elizabeth shares her transition from government to private sector work and the cultural differences.
• She highlights the importance of structured analytic techniques in training and analysis is emphasized.
• Elizabeth advises aspiring analysts to focus on writing and presentation skills.
• The conversation touches on the need for transparency in AI and the importance of critical thinking.
• AI presents both opportunities and challenges in the field of intelligence.

Resources and references mentioned

• The Psychology of Intelligence Book - https://www.cia.gov/resources/csi/books-monographs/psychology-of-intelligence-analysis-2/
• The Six Thinking Hats Book - https://www.amazon.com/Six-Thinking-Hats-Edward-Bono/dp/0241257530
• Pherson Associates - https://pherson.org/
• ICD 203 - https://www.dni.gov/files/documents/ICD/ICD-203.pdf
• SANS FOR578 CTI - https://www.sans.org/cyber-security-courses/cyber-threat-intelligence
• Is all Intelligence Forward Looking blog post - https://inteltradecraft.com/is-all-intelligence-forward-looking
• The Thinking, Fast & Slow Book - https://www.amazon.com/Thinking-Fast-Slow-Daniel-Kahneman/dp/0374275637
• Training with Intelligence Tradecraft - https://inteltradecraft.com/sat-certifications
• IAFIE - https://www.iafie.org/
• The Structured Analytic Techniques (SAT) Book - https://www.amazon.com/Structured-Analytic-Techniques-Intelligence-Analysis/dp/150636893X
• The SAT Handbook book - https://www.amazon.com/Handbook-Analytic-Tools-Techniques-5th/dp/0979888093/
• Admiralty Scale SANS Blog - https://www.sans.org/blog/enhance-your-cyber-threat-intelligence-with-the-admiralty-system/
• SANS FOR589 Cybercrime course - https://www.sans.org/cyber-security-courses/cybercrime-intelligence/

Chapters

00:00 Introduction to Elizabeth Dos Santos

01:51 Journey into Intelligence

08:44 Career Development in the FBI

12:40 Challenges and Growth in Intelligence

19:39 Transitioning to the Private Sector

27:52 The Role of AI in Intelligence

53:23 Advice for Aspiring Intelligence Analysts

01:07:29 The Importance of Communication in Intelligence

01:14:19 Structured Analytic Techniques and IAP

01:18:19 Conclusion and Reflections on Intelligence

This conversation is a compressed edit of an interview Freddy has conducted as part of his PhD research. The interview happened on May 13th, 2025 in Copenhagen, Denmark.

Summary

In this conversation, Terry shares his journey from government intelligence to the private sector, discussing the evolution of training and methodologies in intelligence analysis. He emphasizes the importance of structured analytical techniques and the challenges faced in adapting these methods in the private sector. The discussion also touches on the impact of geopolitics on cyber threats and the role of AI in intelligence work, highlighting the need for critical thinking and planning in the analysis process. Terry reflects on the differences between open source intelligence and open source information, and the importance of understanding biases in AI tools.

Takeaways

• Terry is a senior director for customer success at Atreides.
• He has a mixed career in both government and private sectors.
• Training in intelligence has evolved significantly over the years.
• Open source intelligence became more prominent after 2008.
• Structured analytical techniques are crucial for effective analysis.
• Planning is essential before diving into information collection.
• The maturity of intelligence practices varies between sectors.
• Geopolitical events significantly influence cyber threats.
• AI tools can assist but come with their own challenges.
• Understanding biases in AI is critical for effective intelligence.

Resources and references mentioned

• SATs training - https://inteltradecraft.com/sat-certifications
• SANS FOR578 CTI - https://www.sans.org/cyber-security-courses/cyber-threat-intelligence
• Structured Analytic Techniques (SAT) training - https://inteltradecraft.com/sat-certifications
• Arno exemplifies "spending time to save time" - https://opensourceintelligence.biz/vague-osint-questions/
• ICD 203 - https://www.dni.gov/files/documents/ICD/ICD-203.pdf
• Intelligence agencies are starting to crowdsource information and recruits! For example, the MI6 platform, Silent Courier: https://www.gov.uk/government/news/new-dark-web-portal-launched-to-recruit-spies-to-support-uk-security

Chapters

00:00 Introduction to Terry's Journey

02:54 Training and Development in Intelligence

05:52 Transitioning from Government to Private Sector

08:58 Challenges in Intelligence Analysis

11:50 The Role of Planning in Intelligence Work

14:51 The Maturity of Intelligence in the Private Sector

17:53 The Impact of Geopolitics on Cyber Intelligence

20:56 The Future of AI in Intelligence

23:43 Open Source Intelligence vs. Open Source Information

26:47 Advice and Reflections on Intelligence Work

This conversation is a compressed edit of an interview Freddy has conducted as part of his PhD research. The interview happened on May 3rd, 2025 in London, England.

In this conversation, Freddy and Will delve into the world of Cyber Threat Intelligence (CTI) and sharing communities, exploring of Will T, the journey of a cybersecurity professional, the importance of training and community, the challenges faced in threat reporting, and the impact of AI on the field.

They discuss the evolution of CTI, the necessity for critical thinking, and the ethical considerations surrounding the use of AI in intelligence work. The conversation emphasizes the need for collaboration and knowledge sharing within the cybersecurity community to enhance overall effectiveness against cyber threats.

Takeaways

• The importance of foundational knowledge in cybersecurity.
• Real-world experience is crucial for developing analytical skills.
• Training can significantly enhance an analyst's capabilities.
• Community support is vital for sharing knowledge and resources.
• AI can assist in summarizing and analyzing data but has limitations.
• Ethical considerations are paramount when using AI in intelligence.
• Critical thinking is essential in evaluating threat reports.
• Transparency in threat reporting builds trust with stakeholders.
• Continuous learning and adaptation are necessary in cybersecurity.
• Collaboration within the community can lead to better threat mitigation.

Resources & References Mentioned

• Rob M. Lee - https://www.dragos.com/team/robert-m-lee/
• SANS FOR578: https://www.sans.org/cyber-security-courses/cyber-threat-intelligence/
• SANS FOR589: https://www.sans.org/cyber-security-courses/cybercrime-investigations/
• Chainalysis Blockchain Intelligence: https://www.chainalysis.com/blockchain-intelligence/
• SANS blog post on Admiralty Scale https://www.sans.org/blog/enhance-your-cyber-threat-intelligence-with-the-admiralty-system/
• Oracle incident - https://www.csoonline.com/article/3953644/oracle-quietly-admits-data-breach-days-after-lawsuit-accused-it-of-cover-up.html
• Flavio Queiroz's LinkedIn post - https://www.linkedin.com/posts/flavioqueiroz_threathunting-threatdetection-threatanalysis-activity-7310254153732141056-b-Ba/
• Council of Experts: https://blog.bushidotoken.net/2024/04/strengthening-proactive-cti-through.html
• Will's Projects: https://github.com/BushidoUK#-my-projects
• Ransomware Tool Matrix: https://github.com/BushidoUK/Ransomware-Tool-Matrix
• Curated Intelligence: https://www.curatedintel.org/
• MITRE ATT&CK: https://attack.mitre.org/
• Diamond Model of Intrusion Analysis: https://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf?adlt=strict
• Mapping TTPs: https://github.com/BushidoUK/MITRE-Mappings
• Curated Intel website - https://www.curatedintel.org/
• Microsoft Security Copilot: https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-security-copilot

• 
  

Chapters

00:00 Introduction to Cyber Threat Intelligence

02:48 Career Journey in Cybersecurity

06:08 Understanding Cyber Threat Intelligence

09:06 The Role of Training in Cyber Intelligence

11:57 Teaching and Sharing Knowledge in Cybersecurity

15:08 The Importance of Community in Cyber Intelligence

17:54 Challenges in Cyber Threat Reporting

20:56 The Impact of AI on Cyber Threat Intelligence

24:08 Future of AI in Cybersecurity

26:47 Ethics and Challenges of AI in Intelligence

29:57 Conclusion and Final Thoughts

This conversation is a compressed edit of an interview Freddy has conducted as part of his PhD research. The interview happened on May 2nd, 2025 in Bournemouth, England.