Training and Certification Open for Enrollment Course Code · CSFI-04 · CTDA
Cyber operator developing a target with a heads-up targeting overlay
Cyber Target Development Analyst Joint Targeting Cycle · F2T2EA

Cyber Target Development Analyst

A vital bridge between U.S. military operational-level doctrine and tactical-level implementation, built for the professionals responsible for developing and prioritizing targets in the cyber domain.

CTDA centers on the Target Development phase of the Joint Targeting Cycle, set within the cyberspace operations framework and aligned to DoD and NATO joint and combined doctrine. It enriches existing Joint and Service doctrine; it does not replace it.

Request Enrollment View Course Outline
3 Days Face-to-Face / Live Online / Asynchronous Prerequisite: ICWOD 8 Modules + Capstone
Program Overview

Operational doctrine, applied to the cyber domain

The Cyber Target Development Analyst course equips cyber professionals to understand and apply the joint targeting process. It focuses on the Target Development phase of the Joint Targeting Cycle, integrated within the cyberspace operations framework, and grounds every step in DoD Joint Targeting Development Standards.

Built by CSFI for personnel involved in joint targeting, the course pairs well-articulated definitions aligned to American and NATO joint and combined doctrine with best practices drawn from continuous military operations and exercises. Participants learn through worked examples and hands-on exercises, developing targets at the Basic, Intermediate, and Advanced levels and applying F2T2EA standards to dynamic targets.

3
Days
8
Modules
5
Target Types
Course at a Glance
Course Code
CSFI-04 · CTDA
Duration
3 Days
Delivery
Face-to-Face, Live Online, Asynchronous
Prerequisite
ICWOD
Skill Levels
Basic, Intermediate, Advanced
Doctrine
DoD and NATO Joint Targeting
Dynamic Targets
F2T2EA (Kill Chain)
Tuition
$3,000 per student
Request Enrollment
What You Will Master

Target development, end to end

Equipped with target development procedures, reference materials, and the Joint Targeting Standards, students leave able to develop and defend a cyber target across the full development phase.

01

The Joint Targeting Process

Apply joint targeting principles and the six-phase Joint Targeting Cycle to operations in and through cyberspace.

02

The Target Development Phase

Build targets to DoD Joint Targeting Development Standards at the Basic, Intermediate, and Advanced levels.

03

The Five Target Types

Develop facilities, individuals, virtual entities, equipment, and organizations as cyber targets.

04

Validation and Vetting

Validate and vet targets against ethical and legal cyber recommendations and operational needs.

05

Targeting Intelligence

Run target intelligence research and analysis to complete every element required for target development.

06

Weaponeering and Effects

Weigh capabilities, weaponeering, aimpoints, and collateral damage for precise and proportionate effects.

07

Dynamic Targeting

Apply F2T2EA (Kill Chain) standards to time-sensitive, dynamic targets in the cyber domain.

08

Cyber Target Statements

Produce concise target statements: significance, description, functional characterization, critical elements, and intelligence gain or loss.

Course Outline

Three days, eight modules, one capstone

The program moves from joint targeting principles, through the integration of cyber effects and the phases of cyber target development, to the law of armed conflict and a hands-on capstone.

Day Modules Focus
Day 1 Modules 1 to 2 DoD joint targeting principles and philosophies, then a full pass through the six-phase Joint Targeting Cycle and intelligence support to targeting.
Day 2 Modules 3 to 6 Integrating cyber effects with USCYBERCOM, then Phases 1 to 3 of cyber target development: end state, development and prioritization, and capabilities analysis.
Day 3 Modules 7 to 8, Capstone Law of armed conflict, rules of engagement, and the Tallinn Manual, a consolidated review, and a capstone that develops a cyber target to DoD joint targeting standards.
The six-phase Joint Targeting Cycle from JP 3-60, Joint Targeting
The Joint Targeting Cycle · JP 3-60, Joint Targeting
Module Detail

Inside the curriculum

Open any module to see what it covers. Expand the days below to follow the full arc from doctrine to capstone.

Day 1DoD joint targeting principles and the targeting cycle
MOD 01Introduction to DoD Joint Targeting Principles and PhilosophiesDay 1 · Foundations

The doctrinal bedrock: what targets are, who owns targeting, and how the joint targeting enterprise is organized.

  • Targets and targeting responsibilities
  • Target description and characteristics
  • Categories of targets
  • Understanding joint targeting and its purpose
  • Principles of targeting
  • Targeting prioritization and considerations
  • Targeting and joint operation planning
  • The Joint Targeting Cycle and categories of targeting
  • Joint force targeting duties and responsibilities
  • Joint targeting integration and oversight
  • Joint force staff and component commander responsibilities
MOD 02The Joint Targeting Cycle and Intelligence Support to TargetingDay 1 · The cycle

A walk through all six phases of the Joint Targeting Cycle and the intelligence that supports each step.

  • Phase 1: the end state and commander's objectives
  • Phase 2: target development and prioritization
  • Phase 3: capabilities analysis
  • Phase 4: commander's decision and force assignment
  • Phase 5: mission planning and force execution
  • Phase 6: targeting assessment
  • The relationship between targeting and effects
Day 2Integrating cyber effects and cyber target development, Phases 1 to 3
MOD 03Integrating Cyber Effects into the Joint Targeting CycleDay 2 · Cyber integration

Where cyberspace operations and USCYBERCOM fit into joint targeting, and where the hard problems live.

  • The role of USCYBERCOM in joint targeting
  • Integrating cyberspace operations per DoD targeting doctrine
  • Current challenges in targeting support to cyberspace operations
  • Introduction to cyber target development
MOD 04Phase 1: Cyber End State and the Commander's Cyber ObjectivesDay 2 · Phase 1

Turning commander's intent into cyber objectives, effects, and tasks, with the right symbology and vocabulary.

  • Combined and joint military symbology in cyberspace
  • Operational graphics and commander's intent in cyberspace
  • Centers of gravity, objectives, desired effects, and required tasks
  • Targeting effects vocabulary in the cyber domain
  • Key inputs and outputs
MOD 05Phase 2: Cyber Target Development and PrioritizationDay 2 · Phase 2

Developing entities into targets and managing them through nomination, prioritization, and synchronization.

  • Cyber target system analysis
  • Entity-level target development at Basic, Intermediate, and Advanced levels
  • Electronic folder development
  • Cyber target list management (TLM)
  • Cyber target nomination for prioritization, synchronization, and action
MOD 06Phase 3: Cyber Capabilities AnalysisDay 2 · Phase 3

Matching capabilities to targets, then estimating feasibility, effects, and collateral damage.

  • Target cyber vulnerability analysis
  • Cyber capabilities assignment
  • Cyber feasibility assessment
  • Cyber effects estimate
  • Cyber weaponeering
  • Cyber collateral damage estimation (CDE)
Day 3Law of armed conflict, review, and the capstone
MOD 07Law of Armed Conflict and Rules of Engagement in Cyber TargetingDay 3 · Law and ethics

The legal and ethical guardrails that govern cyber targeting, from LOAC to the Tallinn Manual.

  • LOAC and international law
  • Rules of engagement
  • General restrictions on targeting
  • Precautions in an attack
  • Separation of military activities
  • The Tallinn Manual on international law applicable to cyber operations
MOD 08Review of ContentDay 3 · Consolidation

A consolidated review that ties principles, the cycle, the cyber development phases, and the law together before the capstone.

  • Principles and philosophies of joint targeting
  • The six-phase Joint Targeting Cycle
  • Phases 1 to 3 of cyber target development
  • Legal and ethical considerations in cyber targeting
Capstone

Bringing it all together

Develop a cyber target to DoD joint targeting standards, applying every phase from end state to assessment against one of the five target types. The capstone proves the workflow end to end: research, development, validation, vetting, and a defensible target statement.

Scope and Standards

The five target types

Throughout the course, analysts and operators develop one of the five target types recognized by DoD target development standards for cyber operations, completing the elements required for a sound, defensible target.

Doctrine and references

JP 3-60 Joint Targeting F2T2EA Kill Chain DoD Target Development Standards NATO Joint and Combined Doctrine USCYBERCOM Tallinn Manual LOAC and ROE

Facilities

Fixed or functional sites that house, process, or route the systems behind a mission.

Individuals

People whose role, access, or knowledge makes them decisive to a cyber operation.

Virtual Entities

Accounts, personas, services, and constructs that exist only in cyberspace.

Equipment

Devices and hardware whose function or compromise produces an operational effect.

Organizations

Groups and structures whose capability depends on the networks they rely on.

Night-vision targeting view of figures under observation with a heads-up overlay
Targeting adversary capabilities and infrastructure
Why It Matters

Persistent engagement

Persistent engagement involves targeting adversary cyber capabilities and their underlying infrastructure. This approach prevents adversary nations and non-state actors from launching disruptive and destructive cyberattacks in the first place.

Seal of United States Cyber Command USCYBERCOM United States Cyber Command
Who Should Attend

Built for the cyber targeting mission

CTDA is tailored for cyber personnel involved in joint targeting initiatives, where high relevance and practicality matter.

  • Cyber operators and analysts responsible for targeting cyber assets
  • Cyberspace operations planners integrating effects into the joint targeting cycle
  • Intelligence professionals supporting cyber target development and analysis
  • Joint and service personnel involved in joint targeting initiatives
  • Mission partners aligning cyber targeting to DoD and NATO doctrine
Prerequisite

ICWOD

Admission to CTDA requires prior completion of CSFI's ICWOD course, the prerequisite that establishes the doctrinal foundation this course builds on.

View ICWOD
Cyber Target Development Analyst (CTDA) certification seal Cyber Target Development Analyst CTDA · Issued by CSFI
Certification

Earn the CTDA credential

Participants who complete the course and the capstone earn the Cyber Target Development Analyst (CTDA) certification from CSFI. The credential recognizes the ability to develop cyber targets to DoD joint targeting standards, across all five target types and the full Target Development phase of the Joint Targeting Cycle.

  • Aligned to DoD and NATO joint and combined targeting doctrine.
  • Covers F2T2EA (Kill Chain) standards for dynamic targets.
  • Grounded in the Law of Armed Conflict, rules of engagement, and the Tallinn Manual.
Enroll

Request your seat

Tell us how you would like to attend and we will follow up with dates, scheduling, and logistics. Tuition is $3,000 per student. Seats are confirmed once ICWOD completion is verified.

Notice
The Cyber Target Development Analyst course enriches existing Joint and Service doctrine and is not a substitute for it. CSFI is an independent nonprofit. Course content aligns with publicly available U.S. and NATO joint and combined targeting doctrine, DoD target development standards, and the Tallinn Manual. Course delivery and the CTDA certification are provided by CSFI (Cyber Security Forum Initiative).