Defensive Cyber in Action: Resilience with Josh Salmanson
In a recent interview with GovCon Conversation, Josh Salmanson, Vice President of Defensive Cyber at Leidos, shared his insights on how defensive cyber is transforming into a mission-critical pillar of digital modernization. Salmanson’s interview highlights Leidos’ innovative approach to integrating cybersecurity across federal agencies’ modernization efforts, with the goal of supporting resilience in the face of evolving threats.
A systems approach to cyber risk management
Salmanson emphasized the importance of managing risk at every level: from individual systems to enterprise-wide operations. He explained how Leidos works to integrate cybersecurity into the design process with the goal of building resilience from the start. This proactive approach contrasts with traditional methods where security is often treated as an afterthought, which can lead to higher costs and delayed success. By working to embed cyber resilience early, Leidos aims to help accelerate digital transformation while safeguarding critical infrastructure.
Reducing technical debt and attack surfaces
One of Salmanson’s key points was the need to address accumulated technical debt within federal agencies. Decades of legacy systems have created overly complex environments, making it difficult to identify or mitigate cyber risks. Leidos works with agencies to help streamline their infrastructure with a goal of reducing attack surfaces and improving operational efficiency. This foundational work is critical to helping shift agencies’ cyber postures from reactive to proactive.
Innovative tools and techniques for cyber defense
Salmanson highlighted Leidos’ use of advanced technologies like cyber deception, AI and ML to help support cyber defense. Cyber deception can impose costs on adversaries by slowing them down and exposing their activities, while AI and ML can improve detection and response capabilities. Salmanson noted that while AI adoption is still maturing, Leidos’ early investments are showing promising results, positioning the company to be a leader in leveraging advanced technologies for cyber resilience.
Collaborative practices for integrated security
Leidos’ organizational structure, centered around collaborative practices, plays an important role in its approach to cyber defense. Salmanson described how the company’s defensive cyber practice works alongside other areas like secure cloud and data center and application modernization to deliver unified solutions. One aim of this integrated approach is that cybersecurity is embedded across all aspects of digital modernization.
Looking ahead: Trends in cyber defense
Salmanson identified emerging trends that federal leaders should consider, including cyber deception, risk management reform and the evolution of security operations. He discussed a potential shift toward AI-driven tools and continuous authorization processes (cATO), which could help enable faster deployment of secure systems. These advancements may help redefine how agencies approach cybersecurity, making it more dynamic, actionable, and integrated. Salmanson’s insights reflect Leidos' focus on advancing innovation in defensive cyber. By combining technical expertise, advancing technologies and a collaborative approach, Leidos works to help federal agencies pursue cyber resilience and mission success in an increasingly contested digital landscape.
