By Justin Miller
Thank you for reading this post, don't forget to follow and signup for notifications!
Every crime today leaves a digital trace. From a street-level drug deal arranged through encrypted messaging apps to an international fraud scheme moving millions with a few keystrokes, technology has become the new crime scene. Yet while criminals adapt quickly to exploit cyberspace, many law enforcement officers still face these challenges without the training or tools to respond effectively.
Without the ability to capture digital evidence, interpret online behaviors, or follow the electronic trail, critical cases risk stalling before they begin. Training officers in cybercrime investigations is no longer a specialized luxury — it is a frontline necessity.
What is cyber readiness in law enforcement?
Cyber readiness is the ability of officers to recognize, respond to and investigate crimes involving digital evidence. It includes skills in identifying cyber threats, collecting digital evidence, and coordinating with technical and federal partners.
The foundation of cyber training
From 2019 to 2022, I had the privilege of training State, Local, Tribal, and Territorial (SLTT) law enforcement officers, prosecutors and judges at the National Computer Forensics Institute (NCFI). We taught lab management, network intrusion, credit card skimming, digital forensics, and even how to demystify the command line. Yet every class began the same way — with a lesson called “Surviving the Conversation.”
Training officers in cybercrime investigations is no longer a specialized luxury — it is a frontline necessity.
Surviving the (cyber) conversation isn’t about throwing around technical jargon. It’s about function and communication — the ability to project competence, build trust, and earn access and confidence from stakeholders involved in a digital investigation. Victim organizations are often hesitant to open their operational playbooks or discuss their networks or data with outsiders. Officers who can establish credibility and trust at that crucial moment are the ones who move the case forward.
This skill set comes naturally to law enforcement. Officers already wear many hats: one moment they are writing a ticket, the next they are pulling someone from danger. They make split-second, life-altering decisions daily while appearing calm and routine. That same adaptability — the ability to pivot roles instantly and communicate with confidence — is exactly what’s needed in the cyber realm and perfectly positions law enforcement to “survive the conversation.”
Why readiness matters
Cyber readiness isn’t theoretical; it’s essential. Consider the attempted Bowman Dam breach in Rye Brook, New York, where Iranian hackers tried to gain control of water infrastructure. Or more recently, the attacks on Mission, Texas, and New York, NY, where digital communication systems vital to the community and continuity of operations were targeted.
These cases reveal the stakes: cyber incidents aren’t just about stolen credit cards or compromised email accounts. They can put entire communities — large or small — at risk, threatening water supplies, energy grids, communication, transportation and emergency services. When the critical infrastructure of a community is targeted and its operational systems are impeded, the stakes become extraordinarily high.
According to FBI IC3 reports, cybercrime losses exceeded $12.5 billion in 2023, yet many local agencies still lack even one officer trained in digital evidence collection. The imbalance is especially stark in rural and small-town departments, where limited budgets and staffing shortages often make cyber training an unaffordable luxury. While large metropolitan areas can dedicate personnel or partner with cyber task forces, smaller communities remain on the front lines with little more than goodwill, outdated equipment, and a growing list of digital threats.
When response falls short
Recent events illustrate the consequences of that imbalance. When Mission, Texas, suffered a crippling cyberattack, the city asked the governor to declare a state of emergency — and that request was denied. In that moment, Mission’s officers and IT staff were left to confront a sophisticated intrusion with limited technical expertise and no external support.
Similar vulnerabilities persist across southern New Mexico border communities such as Las Cruces and Deming, where local governments face the same types of threats with even fewer resources to respond. Cyber incidents in these areas don’t just disrupt operations; they can paralyze emergency communications, shut down public utilities and impede law enforcement coordination across entire regions.
When local departments cannot respond, victims are often told to “report online,” eroding public trust and delaying justice. But cybercrime doesn’t respect population size or jurisdictional boundaries. A ransomware attack against a rural hospital or county government can be just as devastating as one in a major city. Digital readiness at the local level is no longer optional; it is an element of public safety and community resilience.
Building local capability
Recognizing this vulnerability, the U.S. Secret Service placed an experienced Subject-Matter Expert in Cyber Training and Operations to establish a domiciled field office within the Department of Homeland Security network. Embedding a cyber-trained agent in a small community delivered immediate results, providing technical cellphone extractions that generated critical evidence in cases involving crimes against children and homicide. This local capacity made a measurable difference, proving that when digital readiness is brought to underserved regions, lives are protected, and justice is advanced — proof that “surviving the conversation” changes outcomes, transforming uncertainty into action and achieving coordinated justice.
Equal access to protection
For those who work at the National Computer Forensics Institute (NCFI) and similar training organizations, this reality underscores a deeper responsibility. It is crucial to ensure a formal and equitable selection process — one that gives small and rural departments the same opportunities for training and certification as their larger counterparts. Equal access to digital readiness isn’t just fairness in policy; it is fairness in protection.
This is what we mean by “surviving the conversation.” It’s understanding what digital readiness is and helping others prepare or fix vulnerable systems. It’s the preparedness of law enforcement officers to understand, recognize and respond effectively to these threats at the ground level. A digitally ready officer can stand in the server room of a breached utility, survive the cyber conversation, and immediately begin securing evidence and coordinating with partners at the commercial, academic, and federal levels. Without this skill set, communities remain vulnerable to adversaries who know that disrupting infrastructure is one of the fastest ways to cause chaos and gain advantage.
The competencies of a digitally ready officer
Digital readiness requires law enforcement officers to:
- Recognize when an incident has digital fingerprints (for example, ransomware on a city server or disrupted water systems).
- Communicate confidently with IT professionals and victims to gain access to information and prioritize recovery efforts.
- Understand the potential community impact, especially when critical infrastructure is the target.
- Act as the first link in a chain that may involve federal partners such as the FBI, DHS, or CISA.
Ultimately, cyber readiness isn’t just about technology — it’s about people too. When officers understand what metadata means or can explain encryption to a victim or local IT staff, it changes the dynamic. They stop feeling like outsiders in a technical conversation and start leading it. That human confidence builds trust with victims, strengthens partnerships with technologists, and turns hesitation into proactive response. Empowered officers create stronger investigations and, in turn, more resilient communities.
A new era of policing
Law enforcement officers already learn to operate daily in high-pressure, fast-changing environments. With cyber training, they can apply the same instincts to the digital front line, keeping communities safe in both the physical and digital worlds.
With proper training through programs like the NCFI, law enforcement officers are uniquely positioned to be the nation’s cyber first responders — moving beyond survival and thriving operationally in cyber investigations. Just as they survive the unpredictability of the street, they can survive the technical aspects of a cyber conversation, allowing better protection for their communities, but also the digital landscapes those communities now depend on.
Investing in cyber training for law enforcement is an investment in national resilience. As communities become more connected — from smart traffic lights to cloud-managed utilities — the line between physical and digital policing has all but disappeared. The next generation of officers must be as comfortable analyzing a log file as they are interviewing a witness, as confident navigating a network as securing a crime scene. The future of public safety depends on it.
About the author
Justin Miller is an innovative academic and former federal law enforcement executive with 25 years of distinguished service in the U.S. Secret Service and five years of leadership in higher education and national cyber training. He is currently Associate Professor of Practice in Cyber Studies and Director of the Cyber Security M.S. Online Program at the University of Tulsa. In this role, he leads curriculum development, partner engagement, program expansion and adjunct faculty leadership for one of the university’s fastest-growing online graduate programs.
Miller has deep expertise in cybersecurity, digital forensics, incident response, critical systems protection, and both in-person and online training, with a proven ability to build programs that strengthen the cyber workforce pipeline. His career accomplishments include creating the Cyber First Responder Curriculum at the National Computer Forensics Institute (NCFI), directing the North Texas Cyber Fraud Task Force, and establishing a new Secret Service field office in Southern New Mexico. Known for forging strategic partnerships across academia, industry, and government, Miller is committed to expanding workforce pathways and increasing access to cybersecurity education. He brings real-world operational experience into the classroom to prepare the next generation of cyber leaders.
