Presented by Broadcom
October 29, 2025
Subscribe and listen to the Fed Gov Today Podcast anytime on Apple Podcasts, Spotify, or at FedGovToday.com.
Garrett Lee, Regional Vice President for Public Sector in Broadcom’s Enterprise Security Group, sees today’s battlefield as much more digital than physical. In his conversation with Francis Rose, Lee paints a vivid picture of how cybersecurity has become a mission-critical function for national defense. The weakest link, he says, isn’t always a jet or a tank—it might be a laptop sitting in a hangar or a sensor in a forward operating base. In a world where cyber is now a contested domain, visibility at every endpoint is essential.
Lee explains that the Defense Information Systems Agency (DISA) has been expanding its endpoint detection and response (EDR) capabilities to strategic partners across the Department of Defense. This service automates lower-level cyber tasks, freeing defenders to focus on higher-priority threats. But the challenge is enormous: thousands of networks, countless devices, and the massive scale of modern defense systems make comprehensive protection a daunting task. Beyond the military itself, the contractor community adds another layer of vulnerability. Many defense industrial base contractors, he notes, have historically struggled to secure controlled unclassified information—creating openings adversaries can exploit.
One major step forward, Lee says, is the Cybersecurity Maturity Model Certification (CMMC). While it may seem burdensome, especially for smaller contractors, it’s a necessary evolution. “This is the security of the nation,” he stresses, echoing the sentiment of CMMC’s longtime advocates. As state-sponsored actors from China, Russia, and others become more sophisticated, the U.S. must raise its own defenses in kind.
Lee also highlights the dangers of “just good enough” security. Too often, agencies and organizations equate compliance with real protection. “Compliance doesn’t equal security,” he warns. Checking boxes may satisfy oversight, but it doesn’t stop intrusions. True cybersecurity requires visibility, adaptability, and an understanding of each system’s unique environment. For the Department of Defense, this includes disconnected or air-gapped environments—places like ships, submarines, and forward bases where internet access is limited or nonexistent. In these settings, traditional cloud-based tools can’t always operate effectively. Instead, the focus must shift to hybrid and on-premise solutions that work independently of the cloud.
Even in these isolated networks, Lee says, strong defenses are non-negotiable. There’s a misconception that air-gapped systems are inherently safe because they aren’t connected to the internet. In reality, insider threats and physical breaches remain significant risks. “We’ve seen insider threat take root,” Lee notes. Protecting sensitive environments still requires the full suite of cyber tools, from endpoint monitoring to vulnerability management and patching.
Artificial intelligence, Lee adds, is transforming both sides of the cyber fight. Adversaries are using AI to automate attacks and develop more advanced malware. But defenders are leveraging it too. Broadcom, for example, trains private AI models to detect and predict attacker behavior. These models learn from known attack patterns—just like predictive text suggests your next word—and anticipate what adversaries might do next.
Lee sees the endpoint as both the first line of attack and the first line of defense. Achieving true security means treating every device, from a soldier’s laptop to a cloud container, as mission-critical. The road to zero trust is long, he admits, but it’s essential—and the endpoint is where that journey begins.