Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Jan. 03, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
RISK MANAGEMENT AND STRATEGY
Cybersecurity risk management is an integral part of our digital posture and enterprise risk management strategy. Cybersecurity is critical to maintaining the trust of our customers and business partners, and we are committed to protecting our and their confidential and sensitive information, including personal information, and mitigating cybersecurity risks that impact our systems and networks. We maintain technologies, programs and processes designed to assess, identify, manage and mitigate cybersecurity risks. Our efforts include regular monitoring of Leidos-managed systems and networks for internal and external cybersecurity threats, providing cybersecurity training to our employees during the onboarding process and annually, and continually reviewing and refining formal policies and procedures designed to deter, identify and remediate cybersecurity incidents. We regularly perform evaluations of our cybersecurity program and continue to invest in our capabilities to keep our customers, partners, suppliers and information assets in our possession safe. Although we employ service provider due diligence and onboarding procedures to identify potential cybersecurity risk, our ability to monitor the cybersecurity practices of our service providers is limited and there can be no assurance that we can prevent or mitigate the risk of any compromise or failure in the information system, software, networks and other assets owned or controlled by our vendors.
Our Chief Information Security Officer leads our Cybersecurity Intelligence and Response Team (“CSIRT”) whose function is to stay apprised of existing and emerging cyber threats and monitor our global enterprise and proactively identify and protect against cybersecurity risk. The CSIRT uses intelligence collected from various sources, fused with intelligence collected from analysis and response actions, to proactively search for and address adversary activity against the Leidos network. The CSIRT possesses in-depth knowledge of network, endpoint, perimeter security systems, identity, data protection, threat intelligence, forensics, penetration testing and malware reverse engineering, as well as the functioning of specific applications or underlying information technology infrastructure.
Leidos CSIRT owns the incident response process and provides direction and guidance to users of Leidos computing resources when responding to cybersecurity incidents. Leidos CSIRT also provides intrusion monitoring of networks and information systems and continuously monitors the Leidos computing environments and performs triage and analysis of events to identify potential incidents.
We employ multiple security and monitoring systems and applications throughout the Company to identify, alert, report and log authorized and unauthorized access to the Leidos systems and networks. We use an application that collects, correlates, and notifies CSIRT analysts regarding any item meeting an electronic intrusion event. We categorize anomalous cyber events into discrete levels in which cybersecurity matters are escalated to certain levels of management, as well as our Board, based on the severity of the incident, as appropriate. Sharing cyber threat information at these levels supports the Company’s ability to integrate cybersecurity considerations into its overarching risk management system and processes.
We also conduct periodic internal and third-party assessments to test our cybersecurity controls, perform cyber simulations and exercises, and continually evaluate our internal governing policies and procedures to help detect and respond to cybersecurity events in order to reduce harms or impacts from breaches and other information security incidents.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity risk management is an integral part of our digital posture and enterprise risk management strategy. Cybersecurity is critical to maintaining the trust of our customers and business partners, and we are committed to protecting our and their confidential and sensitive information, including personal information, and mitigating cybersecurity risks that impact our systems and networks. We maintain technologies, programs and processes designed to assess, identify, manage and mitigate cybersecurity risks. Our efforts include regular monitoring of Leidos-managed systems and networks for internal and external cybersecurity threats, providing cybersecurity training to our employees during the onboarding process and annually, and continually reviewing and refining formal policies and procedures designed to deter, identify and remediate cybersecurity incidents. We regularly perform evaluations of our cybersecurity program and continue to invest in our capabilities to keep our customers, partners, suppliers and information assets in our possession safe. Although we employ service provider due diligence and onboarding procedures to identify potential cybersecurity risk, our ability to monitor the cybersecurity practices of our service providers is limited and there can be no assurance that we can prevent or mitigate the risk of any compromise or failure in the information system, software, networks and other assets owned or controlled by our vendors.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
MANAGEMENT’S RESPONSIBILITIES
Our global information security program is led by our corporate Chief Information Security Officer, who works closely with key corporate functional and line of business stakeholders. The Chief Information Security Officer partners with these functions for the purpose of identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risks are monitored, implementing appropriate mitigation measures, reporting cybersecurity breaches and other information security incidents, and maintaining our cybersecurity program. The team of senior management officers, who support our information security program, have expertise with cybersecurity, as demonstrated by qualifications such as prior work experience, possession of a cybersecurity certification, degree, or other cybersecurity experience. Our management team receives regular updates on our cybersecurity posture and reviews detailed information about our cybersecurity preparedness. Additionally, we have a Leidos Security Council that is co-chaired by the Chief Information Security Officer and the Chief Security Officer to address “all security hazards” across our global enterprise to ensure cohesion and effectiveness of our combined security governance and risk mitigations.
BOARD’S ROLES AND RESPONSIBILITIES
We have a Technology and Information Security Committee, comprised of six board members, with relevant backgrounds and experience, that oversees and advises the Board and management on matters involving the Company’s overall strategic direction and significant business risks and opportunities in the areas of technology and information security.
At least quarterly, management provides our Board and the Technology and Information Security Committee with updates about our cybersecurity and related risk exposures, our policies and procedures to mitigate such exposures and the status of projects to strengthen our information security infrastructure and program maturity and defend against and respond to cybersecurity threats. In addition, we use a risk-based escalation process to notify the Board and the Technology and Information Security Committee outside of the regular reporting cycle should we identify a significant emerging risk or potentially material issue that should be brought to their attention.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] We have a Technology and Information Security Committee, comprised of six board members, with relevant backgrounds and experience, that oversees and advises the Board and management on matters involving the Company’s overall strategic direction and significant business risks and opportunities in the areas of technology and information security.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our global information security program is led by our corporate Chief Information Security Officer, who works closely with key corporate functional and line of business stakeholders. The Chief Information Security Officer partners with these functions for the purpose of identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risks are monitored, implementing appropriate mitigation measures, reporting cybersecurity breaches and other information security incidents, and maintaining our cybersecurity program. The team of senior management officers, who support our information security program, have expertise with cybersecurity, as demonstrated by qualifications such as prior work experience, possession of a cybersecurity certification, degree, or other cybersecurity experience. Our management team receives regular updates on our cybersecurity posture and reviews detailed information about our cybersecurity preparedness. Additionally, we have a Leidos Security Council that is co-chaired by the Chief Information Security Officer and the Chief Security Officer to address “all security hazards” across our global enterprise to ensure cohesion and effectiveness of our combined security governance and risk mitigations.
Cybersecurity Risk Role of Management [Text Block]
We have a Technology and Information Security Committee, comprised of six board members, with relevant backgrounds and experience, that oversees and advises the Board and management on matters involving the Company’s overall strategic direction and significant business risks and opportunities in the areas of technology and information security.
At least quarterly, management provides our Board and the Technology and Information Security Committee with updates about our cybersecurity and related risk exposures, our policies and procedures to mitigate such exposures and the status of projects to strengthen our information security infrastructure and program maturity and defend against and respond to cybersecurity threats. In addition, we use a risk-based escalation process to notify the Board and the Technology and Information Security Committee outside of the regular reporting cycle should we identify a significant emerging risk or potentially material issue that should be brought to their attention.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] We have a Technology and Information Security Committee, comprised of six board members, with relevant backgrounds and experience, that oversees and advises the Board and management on matters involving the Company’s overall strategic direction and significant business risks and opportunities in the areas of technology and information security.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The team of senior management officers, who support our information security program, have expertise with cybersecurity, as demonstrated by qualifications such as prior work experience, possession of a cybersecurity certification, degree, or other cybersecurity experience.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
MANAGEMENT’S RESPONSIBILITIES
Our global information security program is led by our corporate Chief Information Security Officer, who works closely with key corporate functional and line of business stakeholders. The Chief Information Security Officer partners with these functions for the purpose of identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risks are monitored, implementing appropriate mitigation measures, reporting cybersecurity breaches and other information security incidents, and maintaining our cybersecurity program. The team of senior management officers, who support our information security program, have expertise with cybersecurity, as demonstrated by qualifications such as prior work experience, possession of a cybersecurity certification, degree, or other cybersecurity experience. Our management team receives regular updates on our cybersecurity posture and reviews detailed information about our cybersecurity preparedness. Additionally, we have a Leidos Security Council that is co-chaired by the Chief Information Security Officer and the Chief Security Officer to address “all security hazards” across our global enterprise to ensure cohesion and effectiveness of our combined security governance and risk mitigations.
BOARD’S ROLES AND RESPONSIBILITIES
We have a Technology and Information Security Committee, comprised of six board members, with relevant backgrounds and experience, that oversees and advises the Board and management on matters involving the Company’s overall strategic direction and significant business risks and opportunities in the areas of technology and information security.
At least quarterly, management provides our Board and the Technology and Information Security Committee with updates about our cybersecurity and related risk exposures, our policies and procedures to mitigate such exposures and the status of projects to strengthen our information security infrastructure and program maturity and defend against and respond to cybersecurity threats. In addition, we use a risk-based escalation process to notify the Board and the Technology and Information Security Committee outside of the regular reporting cycle should we identify a significant emerging risk or potentially material issue that should be brought to their attention.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true