Retired NYPD Lieutenant Gustavo Rodriguez has a message on cyber security that he is trying to convey to anyone who will listen.
The Center for Homeland Defense and Security alum recently celebrated the 10th anniversary of the date—Jan. 23, 2015—that he calls “the day New York City took ownership of the Cyber Mission” by taking the first steps toward creating its Cyber Command, and pointed to the approaching Second Annual Billington State and Local Cyber Security Summit in March in Washington, DC, by humbly calling for national leaders to follow the example set by the nation’s largest city in prioritizing cyber security through local collaboration and communication to “better protect local municipalities nationwide.”
Rodriguez (Master’s Program cohort 0905/0906), who was among the first responders to the terrorist attacks at the Twin Towers on 9/11 before helping found his city’s Cyber Command and leading the effort to improve its cyber security, warned that the nation could be facing another major attack without a more targeted and concerted effort, at the local level, to protect itself in the cyber realm. And the founder and CEO of the private cybersecurity firm Digital First Responders said his overarching message is to promote collaboration between American big tech firms and the tens of thousands of local governments who he argued desperately need better cyber security, including by acknowledging that digital first responders and other first responders “are one in the same-in mitigating life and death situations.”
“As a First Responder to Ground Zero who saw the unimaginable, I look forward to sharing the Jan. 23, 2015, anniversary with the Office of the National Cyber Director at the White House, all American big tech who interact with local municipalities daily and all participants at the 2025 Billington State and Local Cyber Security Summit,” Rodriguez said, noting that the summit will “bring together top federal, state, local and tribal government officials in the cyber realm to learn from one another,” and adding that he “could not help but think how important [the Jan. 23, 2015] date is to New York City.”
Rodriguez said he keeps a copy of the email from that date (Jan 23, 2015) when the NYPD contacted the LAPD, which he had learned through his CHDS contacts and a long deployment with the FBI Cyber Task Force was already creating its own cyber command, to learn more about its mission. After a lengthy email thread and a lot more collaborative work, New York Cyber Command was officially born in July of 2017.
Since then, Rodriguez has devoted himself to spreading the cyber resilience message as widely as possible through a variety of speaking engagements and panel presentations using his experience including the principles from his award-winning CHDS thesis entitled “Creating Domestipol: Increasing National Resilience by Reflecting on the NYPD Counter Terrorism Model,” which studied the challenges of information sharing among large city police departments and advocated for more coordination and communication both horizontally with other law enforcement and vertically with other levels of government, to prevent another 9/11.
Ultimately, he said, “empowering and enabling local municipalities to take ownership of the cyber problem at the local level is the key. Local municipalities nationwide have police departments, fire departments, and EMS departments to handle public safety, and should [also] have their own cyber command capabilities at their own respective scales.”
“If you are the head of one of the 3,143 local counties nationwide and you don’t have your own version of cyber command, you are failing to prepare and preparing to fail.”
One of the lessons Rodriguez said New York City learned is that when a cyber-attack hits and endangers everything from critical infrastructure to law enforcement’s ability to respond, local jurisdictions can’t wait for the “cavalry to arrive,” pointing out that local jurisdictions typically respond to a cyber-attack by announcing that federal officials will be conducting an investigation and handling the response.
While federal agencies are available to help, Rodriguez said local jurisdictions must take steps to protect themselves.
“Superman’s not coming,” he said. “We need to allow locals in America to take ownership of the cyber problem themselves. I want them to say this is what we know, this is what we don’t know, this is what we’re doing about it and have done about it to proactively protect ourselves.”
Acknowledging the demands of funding and other resources, Rodriguez said that’s where the New York City model can be useful, noting that it involves communications and collaboration among local jurisdictions and with the private sector, including cyber technology firms. He pointed out that New York City partnered with IBM to train its Cyber Command staff, and private tech firms such as Microsoft, Google, Amazon, and the like, should also be willing to help because, he noted, they owe it to the nation’s communities where they exist and conduct business.
“This is good for big tech organizations to make sure their cities are secure in the cyber realm because it’s where they do business and where their employees live, and it just makes too much sense for everyone,” he said. “Little by little, I think [collaboration is] going to happen because we know we don’t want another 9/11.”
While Rodriguez acknowledged New York City and its Cyber Command model are “not perfect,” he argued it has a clear advantage to offer other communities.
“What does New York City have that other communities don’t have?” he asked. “A fighting chance, born out of the lessons of 9/11.”
