The mechanism. Weapons primes get paid when Congress funds a platform. Leidos (LDOS) gets paid when the executive branch simply issues a directive. Since January 2025's cybersecurity executive order and its follow-on Binding Operational Directive authority for CISA, plus the June 2026 AI executive order ordering agencies to "upgrade American systems for advanced AI" within 30 days, the federal government has been on a recurring cycle of top-down IT mandates — post-quantum cryptography migration (OMB M-26-15), logging and network-visibility overhauls (OMB M-26-14), and Zero Trust compliance deadlines. Every one of those memos becomes a task order. Leidos doesn't need a new weapons program to win; it needs an inbox full of compliance deadlines from OMB and CISA, and it already has the prime IT-services contracts (DISA, State Department, VA, IRS) sitting in place to absorb the work.

Who cashes in:

  • LDOS — Leidos is the purest civilian/defense-crossover IT-services play in the group. It just modernized DISA's Compartmented Enterprise Services Office IT operations and won multiple digital-modernization and cybersecurity task orders under the State Department's Evolve contract — exactly the kind of "upgrade the network because Washington said so" work that scales with every new OMB memo, independent of any single weapons budget.
  • LHX — L3Harris has real communications/cyber and space-sensor exposure but is more platform- and hardware-dependent than Leidos; it benefits at the margin when cyber-modernization dollars touch tactical networks, but its stock still moves mostly on defense appropriations, not OMB memos.
  • GD — General Dynamics' GDIT services arm captures some of the same civilian-agency IT-modernization tailwind (it runs large federal network and cloud contracts), giving it a secondary, smaller version of the Leidos policy-sensitivity profile.