Josh Salmanson, vice president and defensive cyber practice lead at Leidos, discussed how organizations can strengthen cyber resilience in contested and high-threat environments as federal missions increasingly depend on secure digital infrastructure.
As agencies navigate increasingly complex cyberthreats and contested digital environments, conversations about resilience and mission readiness are gaining urgency across government and industry. The 2026 Cyber Summit offers leaders an opportunity to exchange ideas with peers shaping federal cybersecurity strategies. Sign up now to join the event on May 21.
How Should Cyber Systems Be Designed for Contested Environments?
In a recent GovCon Conversation video interview with Executive Mosaic Senior Content Manager Charles Lyons-Burt, Salmanson said cyber resilience begins early in the system design process.
“Well it definitely starts in early in our design process as we’re looking at problems and coming up with creative ways to solve them,” he said.
In military terms, he explained, teams should start “as far left at boom as possible,” designing systems differently when they are expected to operate in denied or contested environments rather than commercial cloud settings.
He added that organizations often adapt existing capabilities for emerging mission needs.
“How do we take what’s working today and maybe put it into a slightly different form factor to be able to help an ally do a better job of defending themselves?” Salmanson said.
Why Is Asset Visibility Critical to Cyber Defense?
Salmanson emphasized that understanding enterprise assets and configurations remains foundational to defense.
“If you know what you have and how it’s configured and what’s happening and what’s normal on your networks and you know what’s coming that’s the threat intel piece then it’s pretty easy to defend,” he said.
He noted that some organizations struggle with incomplete visibility into their infrastructure.
“There’s a lot of organizations that have assets and they didn’t know they were theirs,” Salmanson said, adding that defending unknown assets can be particularly difficult.
How Can Automation & Threat Intelligence Support Resilience?
Salmanson said automation, cyber deception and collaborative threat intelligence play important roles in defending modern systems.
Leidos incorporates automation where possible, particularly in cloud-native environments, and uses cyber deception techniques to slow adversaries and impose costs on malicious actors.
“We fully leverage all these advanced collaborative threat intelligence tools that we can tailor for every customer’s environment,” he said.
How Does Spectrum Awareness Improve Cyber Defense?
Operating in contested environments often requires visibility into wireless and radio frequency domains.
“When you go to high threat environments, you’re often times on wireless and the hardest thing for most people to comprehend is you can’t see radio frequency spectrum,” Salmanson said.
He explained that without tools to visualize that spectrum, defenders may not know whether adversaries are already operating in their environment.
“So unless you have tools that allow you to see those spectrums, you don’t always know if you actually have adversaries in your space already or not,” Salmanson said.
He added that visualizing the environment helps organizations better understand contested spaces and defend their assets.
“So we bring the capability to visualize the environment to the table. All of that’s very helpful in helping us defend and also to look at this contested space a little differently. Not everybody looks at the spectrum as it applies to defending their other assets and we do,” he said.
How Is Leidos Breaking Down Cyber Silos Across Enterprise Operations?
Salmanson said Leidos is integrating cyber capabilities across practice areas to support digital modernization and transformation efforts.
“We established the DigMod practices … to be able to bring a secure and unified front to all of the digital modernization and transformation efforts,” he said.
He added that the company integrates cyber data with operational telemetry from other practice areas, noting that siloed operations can limit visibility across the enterprise.
