Cyber operations today extend beyond traditional perimeters. Attacks can (and do) come from anywhere, target anything, and evolve in real time. Most agencies are actively defending, disrupting, and outmaneuvering persistent adversaries. But as threats grow more sophisticated and relentless, the mission is no longer about protection alone. Instead, it must also be about speed, coordination, and taking the initiative.

This is why GDIT convened government and industry leaders as part of our Emerge event series to explore how agencies are strengthening cyber collaboration, accelerating response, and adopting more forward-leaning approaches.

At the event, GDIT Senior Vice President Aaron Bedrowsky said it well: “Our adversaries are moving at an accelerated pace … AI has been a game changer for defensive automation but also offensive, and we should use that to our advantage.”

Indeed. He continued by explaining that full-spectrum cyber technologies and tools can address advanced defensive cyber – which includes things like anomaly and threat detection, red-teaming and purple teaming, and remediation – along with cyber data collection and analysis, OSINT collection and dark web-mining, reconnaissance, as well as purely offensive cyber.

Throughout my career and certainly throughout our collective experience at GDIT we have seen this to be the case. This is why, at Emerge, we focused our attention on situational awareness, threat intelligence, cyber as a true mission theater, contested environments, and proactive and defensive cyber operations. That spectrum – from awareness to proactive defense – and the evolutions in tactics and technologies at every stage represents the challenge confronting today’s cyber professionals.

Looking ahead, as we heard at the event, every cyber professional must be mindful of the full-spectrum of cyber risks and defenses while also focusing on resilience and the type of diligence that maintains that resilience for the long-term. In that vein, the “assume breach” mindset that we heard our partners at CISA talk about will serve us all well. We need to be able to respond and defend against breaches of all types.

Speakers talked about making risk-based decisions, establishing tradecraft and developing a playbook that defines how they're going to respond to an event while continuously preparing for the next one. We heard panelists talk about the importance of AI and human-in-the-loop cyber systems. In the session on cyber as mission theater, speakers said it should be the goal that every tactician knows how to use cyber and is trained in it. I couldn’t agree more. The focus should be less about compliance and more about resiliency.

We heard the phrase “active cyber, defensive posture.” Every organization should do that and constantly look at how they’re doing that and evolving their capabilities in line with the evolving threat, risk and technology landscapes.

There was so much to take-in from the sessions and the expertise of our speakers. Watch videos from the event here.