Adapting to Win: Agile Solutions for the Cyber Battlefield
Three Points to Remember
- Agility is key: Flexible, agile tools help cyber teams adapt quickly to mission demands.
- Proactive defense: Shift from reactive strategies to proactive measures such as threat hunting, deception and zero trust, so defenders anticipate and counter threats instead of cleaning up after them.
- Rapid acquisition: Embrace faster acquisition methods, such as other transaction agreements (OTAs), to prototype and deploy cutting-edge AI-driven tools quickly, building resilience against evolving threats.
Outdated tools and slow acquisition processes leave defensive cyber teams struggling to keep pace, exposing networks to increasingly sophisticated attacks. For the Department of War (DoW), this means critical missions could be compromised; for businesses, it translates into operational disruptions, financial losses and reputational damage. The cost of inflexibility is measured not only in dollars but in eroded trust and, in high-stakes scenarios, in lives.
Agility over size: A lesson from the cyber frontlines
When serving in the U.S. Army’s Cyber Protection Brigade, I led a team of elite engineers to design and field the Army’s first-ever defensive cyber fly-away kits. The success of these kits proved that agility and flexibility are non-negotiable, and they have remained central to every subsequent iteration. Essentially carry-on-sized mobile data centers, the kits marked a significant shift away from static security operations center (SOC) data centers, bringing advanced cyber defenses to wherever they were needed, including austere and forward-deployed missions. Built to protect our nation and allies, these systems and the software frameworks behind them are still in active use a decade later, delivering mission-critical security where it is needed most.
One of the challenges of building the fly-away kits was packing data center-level compute and storage into systems that could fit in the overhead bins of commercial flights, deploy within hours at mission sites and operate in air-gapped environments (physically isolated from external networks, including the internet, so that nothing reaches the kit except what the team brings to it). They had to be easily configured to meet diverse mission needs and securely reset between missions for rapid redeployment, so that no data or configuration from one engagement carried over into the next. Delivering that much capability under such tight constraints required creative engineering. We leaned heavily on automation and infrastructure as code (IaC) to streamline the deployment of operating systems, clustered compute, storage and the cyber tools each mission called for.
With flexible, fast-deploying tools in the hands of cyber teams, commanders can place defenses precisely where they matter most. This level of agility lets defenders shift with mission demands and consistently stay ahead of adversaries — without needing massive resources to do it. It’s the kind of capability directly reflected in U.S. Cyber Command’s Challenge Problem Set, which prioritizes adaptive, network-defending technologies.
Lt. Gen. Paul Stanton, DoW Cyber Defense Command commander, captured this at the Military Cyber Professionals Association’s HammerCon 2025, urging cyber professionals to stop “chasing incidents” and instead “think about what the enemy is attempting to accomplish” to impose “pain and cost” on them. His shift toward a warfighting mindset resonates in broader DoW circles: "It's not let me set my firewall and forget it.” Proactive strategies such as deception, zero trust, network segmentation, threat hunting and continuous monitoring, with AI used to extend each of them, are just some of the ways defenders can bolster their cyber defenses.
Empowering humans for proactive cyber defense
Outsmarting determined cyber adversaries demands a fundamental shift: from reacting to breaches to preventing them outright. True cyber defense requires anticipating an attacker’s next move, thinking like the threat rather than just cleaning up the aftermath. The DoW must prioritize threat hunting and deception, using decoy systems to trick attackers into exposing their moves early. Zero trust is non-negotiable, verifying every user and device to lock out unauthorized access. We also need to close the gap where tools spot threats but do not act on them, as when a system flags malware but lets it run. Agile, AI-powered tools empower human defenders by automating routine tasks, analyzing threats at machine speed and providing actionable insights. That human-AI partnership lets cybersecurity teams focus on strategic decision-making and helps them outmaneuver adversaries. Platforms that instantly quarantine suspicious activity turn detection into defense, helping DoW analysts keep networks secure.
Building a resilient cyber future with Leidos
To protect mission-critical data and analytical decision systems, the DoW must make bold changes. First, adopt threat hunting and deception to catch attackers early, using decoys to expose their moves. Second, enforce zero trust across all systems, verifying every user and device to safeguard sensitive data. Third, fix the gap where tools detect threats but fail to act, ensuring that platforms such as security orchestration, automation and response (SOAR) take containment action automatically rather than leaving every alert for a human to chase. These steps, supported by $1.8 billion annually for AI research, strengthen the systems that drive the DoW’s mission, from logistics to command and control.
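The "detect but don't act" gap described above and in the previous section is, in practice, a policy problem: which alerts may trigger automatic containment, and which must go to a human. The following is an added example, not code from the article or from Leidos, of a minimal SOAR-style playbook that makes that decision explicitly. Every alert ends in a recorded outcome (isolate, escalate or suppress), so nothing is silently dropped, and guardrails keep automation from isolating a protected asset such as a domain controller. The alert records, threshold values, protected-host list and dedup window are all constructed assumptions for the example; a real deployment would take them from the EDR/SIEM feed and the mission's risk decisions.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Constructed sample alerts in the rough shape an EDR/SIEM emits (made up for the example).
SAMPLE_ALERTS = [
    {"id": "a1", "ts": 100, "host": "ws-0142", "type": "malware",  "confidence": 0.97},
    {"id": "a2", "ts": 101, "host": "ws-0142", "type": "malware",  "confidence": 0.93},  # repeat of a1
    {"id": "a3", "ts": 105, "host": "dc-01",   "type": "beacon",   "confidence": 0.91},  # protected asset
    {"id": "a4", "ts": 110, "host": "ws-0077", "type": "anomaly",  "confidence": 0.60},  # low confidence
    {"id": "a5", "ts": 115, "host": "ws-0099", "type": "beacon",   "confidence": 0.88},
    {"id": "a6", "ts": 120, "host": "ws-0101", "type": "phishing", "confidence": 0.99},  # no playbook
]

# Assumed policy: per-alert-type confidence needed before the playbook may act on its own,
# hosts that are never auto-isolated, and how long a repeated (host, type) pair is suppressed.
AUTO_THRESHOLD = {"malware": 0.90, "beacon": 0.80, "anomaly": 0.95}
PROTECTED_HOSTS = {"dc-01", "siem-01"}
DEDUP_WINDOW = 300  # seconds


@dataclass
class Action:
    alert_id: str
    host: str
    kind: str    # "isolate_host" | "escalate" | "suppress"
    reason: str  # human-readable justification kept for the audit trail


def decide(alert: dict, recent: Dict[Tuple[str, str], int]) -> Action:
    """Map one alert to exactly one action. `recent` tracks the last timestamp seen per (host, type)."""
    aid, host, kind, conf = alert["id"], alert["host"], alert["type"], alert["confidence"]
    key = (host, kind)
    last = recent.get(key)
    recent[key] = alert["ts"]
    if last is not None and alert["ts"] - last < DEDUP_WINDOW:
        return Action(aid, host, "suppress", "duplicate of an alert already handled within the dedup window")
    threshold = AUTO_THRESHOLD.get(kind)
    if threshold is None:
        return Action(aid, host, "escalate", "no automated playbook for alert type " + kind)
    if conf < threshold:
        return Action(aid, host, "escalate", "confidence %.2f below auto-action threshold %.2f" % (conf, threshold))
    if host in PROTECTED_HOSTS:
        return Action(aid, host, "escalate", "protected asset: containment requires human approval")
    return Action(aid, host, "isolate_host", "%s at confidence %.2f meets threshold %.2f" % (kind, conf, threshold))


def run_playbook(alerts: List[dict]) -> List[Action]:
    """Process alerts in time order; returns one action per alert so the audit trail is complete."""
    recent: Dict[Tuple[str, str], int] = {}
    return [decide(a, recent) for a in sorted(alerts, key=lambda a: a["ts"])]


def execute(actions: List[Action]) -> Dict[str, Set[str]]:
    """Apply actions to an in-memory containment state.
    In a real kit the isolate handler would call the EDR or NAC API; here it only records the host."""
    state: Dict[str, Set[str]] = {"isolated": set(), "escalated": set(), "suppressed": set()}
    handlers = {
        "isolate_host": lambda a: state["isolated"].add(a.host),
        "escalate": lambda a: state["escalated"].add(a.alert_id),
        "suppress": lambda a: state["suppressed"].add(a.alert_id),
    }
    for action in actions:
        handlers[action.kind](action)
    return state


def audit_lines(actions: List[Action]) -> List[str]:
    """One line per alert, so an analyst can see why each was (or was not) acted on."""
    return ["%s %-12s %s: %s" % (a.alert_id, a.kind, a.host, a.reason) for a in actions]


if __name__ == "__main__":
    acts = run_playbook(SAMPLE_ALERTS)
    print("\n".join(audit_lines(acts)))
    print(execute(acts))
```

The point of the guardrails is that "act automatically" does not mean "act on everything": a low-confidence anomaly and a beacon from a domain controller both reach a human, but they reach one with a reason attached and without the alert vanishing into a queue. Tune the thresholds per environment, and treat the protected-host list as part of the playbook's change control.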
In addition, agility demands flexible acquisition. Traditional contracts can take years, but attackers do not wait. Other Transaction Agreements (OTAs) let the DoW rapidly prototype AI-driven tools outside the slower Federal Acquisition Regulation (FAR) contracting process, putting cutting-edge platforms into testing in months rather than years. With budgets rising, these strategies ensure the DoW keeps pace with AI-powered threats.
The cyber battlefield is relentless, but Leidos is positioned to support defenders with the tools, expertise and agility needed to stay ahead of adversaries. Leading the Cyber Protection Brigade’s fly-away kits initiative taught me that speed and smart technology win the fight. And Leidos is where cyber authority meets the kind of agility that moves the mission forward.
From zero trust to cyber deception and other advanced defensive tools, we adapt to the cyber terrain as needed, including enterprise legacy systems, cloud systems, military platforms, critical infrastructure, OT/IT environments and SCADA/ICS. By combining advanced AI-driven tools with proactive strategies, we help our customers safeguard the world’s most critical networks.