Mauritius
- Manish Lobin
- Ghazi Mabrouk
Intermediate
Event organizer(s)
Supported by
Description
This course is designed to introduce the in-depth concept of cyber threat intelligence to participants and provide them with the practical experience to gain cyber threat intelligence skills required to make security teams better, threat hunting more accurate, incident response more effective, and organizations more aware of the evolving cyber threat landscape. Cyber threat intelligence is an area of cybersecurity that focuses on the collection and analysis of information about current and potential attacks that can threaten the safety of an organization or its assets.
With generous support from the European Union’s Global Gateway initiative, participation in this training programme is free of charge for selected applicants. This includes accommodation, meals, and all planned learning activities during the training. Participants or their organizations are responsible for covering travel expenses and any visa application costs for Mauritius, if applicable.
This training is intended for incident handlers, network engineers, SOC analysts, CERT analysts, security analysts, network administrators, and other cyber security professionals in government institutions.
The maximum number of participants in this training is limited to 25.
Members of the above-mentioned target population are invited to apply for the training if they meet the following criteria:
- Hold an undergraduate degree in a relevant field, or have a minimum of three years of professional experience in the sector if they do not hold a university degree.
- Have basic knowledge of cybersecurity and cyber threat intelligence.
- Have a good command of the English language.
Government officials and policymakers from developing countries, particularly women, are encouraged to apply. Selection will be done by the course organizers upon considering the above entry requirements in addition to the analysis of the application questionnaire and the recommendation / motivation letter of each applicant.
Upon completion of this course, participants will be able to:
- Describe the concept of Cyber Threat Intelligence (definition, objectives and specific vocabulary)
- Apply tactical, operational, and strategic-level threat intelligence
- Use CTI-specific models
- Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
- Outline the different sources to collect adversary data and how to exploit
- Validate information received externally to minimize the costs of bad intelligence
- Develop analysis skills to better comprehend, synthesize, and leverage complex scenarios
- Identify and create intelligence requirements through practices such as threat modeling
The training will include presentations by subject matter experts by CERT-MU, analysis of examples and real-world case studies such as WannaCry ransomware, as well as group exercises followed by instructor feedback.
Grading matrix:
- Active participation: 10%
- Group exercise & presentation for Day 1: 30%
- Group exercise & presentation for Day 2: 30%
- Day 4 final exam: 30%
A total score of 70% or higher is required to obtain the ITU Academy certificate. Please note that full attendance throughout the training is mandatory for certification.
Arrival – Sunday, 30 August 2026
19:00: Group dinner at hotel
Day 1 – Monday, 31 August 2026
9:00-9:30: Opening remarks
10:00 – 11:00: Introducing Cyber Threat Intelligence
- Understand the current cyber threat landscape
11:00-11:45: Case study analysis on a cyber threat scenario
- Analyse simulated threat data, identify key indicators, assess intelligence sources, and collaboratively create actionable threat reports
11:45-12:15: Debriefing
- Review participants findings, discuss the methodologies they used, and address any challenges encountered during the exercise
13:15-14:00: Cyber Threat Intelligence Objectives
- Categorise CTI and examine its objectives
14:00-15:00: Categorising CTI for a Threat Scenario
- Apply the categories of CTI via analysis of a simulated threat scenario
15:00-15:45: Debriefing
- Review participants findings, discuss the methodologies used, and address any challenges encountered during the exercise
16:00 -17:00: CTI Lifecycle
- Examine the different phases of the CTI lifecycle
19:00: Dinner at Hotel for international participants
Day 2 – Tuesday, 1 September 2026
09:00-09:30: Recap of day 1
09:30 – 10:00: Challenges in the CTI Lifecycle
- Analyze the practical challenges organisations face at each phase of the CTI lifecycle.
10:00 -11:15. CTI Frameworks
- Explain different CTI frameworks and select the right framework for information sharing
11:30 – 12:30: CTI Protocols
- Outline CTI protocols to allow the sharing of threat intelligence in a structured and secured manner
13:30 – 14:00: CTI platforms
- Outline the different CTI platforms and their usage
14:00 -14:30: Introduction to the MISP interface
- List the core features and capabilities of MISP, and select and fetch feeds from the platform
14:30 – 15:45: Adding events on MISP
- Analyze threats on the MISP platform
16:00 – 17:00: Sharing of CTI using MISP
- Manage the sharing of CTI among trusted communities
19:00: Dinner at Hotel for international participants
Day 3 –Wednesday, 2 September 2026
09:00-09:30: Recap of day 2
09:30 – 10:30: Introduction to Threat Intelligence Reports
- Distinguish the challenges of threat intelligence reporting
- Examine the CTI reporting concepts and the ways of presentation
10:45-11:30: Creating CTI Reports
- Create good and concise CTI reports
11:30 – 12:30: Creating CTI Reports using tools
- Use tools to generate CTI reports
13:30- 14:30: Revision Time
14:30 – 15:45: Training wrap up
- Summary of the experiences and things learned during the course
19:00: Dinner at Hotel for international participants
Day 4 – Thursday, 3 September 2026
09:15-10:15: EXAM
10:15 – 10:30: Course evaluation
10:45– 12:30: Certificate award ceremony & closing
Tutors
Registration information
Unless specified otherwise, all ITU Academy training courses are open to all interested professionals, irrespective of their race, ethnicity, age, gender, religion, economic status and other diverse backgrounds. We strongly encourage registrations from female participants, and participants from developing countries. This includes least developed countries, small island developing states and landlocked developing countries.
