Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	Our approach to cybersecurity risk management includes the following key elements: •Multi-Layered Defense and Continuous Monitoring – We work to protect our computing environments and products from cybersecurity threats through multi-layered defenses and apply lessons learned from our defense and monitoring efforts to help prevent future attacks. We utilize data analytics to detect anomalies and search for cyber threats. Our Cybersecurity Operations Center provides comprehensive cyber threat detection and response capabilities and maintains a 24x7 monitoring system which complements the technology, processes and threat detection techniques we use to monitor, manage and mitigate cybersecurity threats or vulnerabilities. From time to time, we engage third-party consultants or other advisors to assist in assessing, identifying and/or managing cybersecurity threats. We also periodically use our Internal Audit function to conduct additional reviews and assessments. •Insider Threats – We maintain an insider threat program, led by our Vice President, Corporate and Enterprise Security, designed to identify, assess, and address potential risks from within our company. Our program evaluates potential risks consistent with industry practices, customer requirements and applicable law, including privacy and other considerations. •Information Sharing and Collaboration – We work with government, customer, industry and/or supplier partners, such as the National Defense Information Sharing and Analysis Center and other government-industry partnerships, to gather and develop best practices and share information to address cyber threats. These relationships enable the rapid sharing of threat and vulnerability mitigation information across the defense industrial base and supply chain. •Third Party Risk Management – We conduct cybersecurity assessments before sharing or allowing the hosting or processing of sensitive data in computing environments managed by third parties, and our standard terms and conditions contain contractual provisions requiring certain cybersecurity and data protections and controls. Finally, we require these third parties to notify us promptly of cyber incidents or data breaches so that we can assess potential impact on us. •Training and Awareness – We provide annual cybersecurity and information security awareness training to our employees with network access to help identify, avoid and mitigate cybersecurity threats and insider risks. This training also includes awareness about the policies and guidance associated with data privacy and protection of personal information, and protection and security of our company, customer and other third-party data. Our employees with network access also participate in annual spear phishing exercises. We also periodically host cybersecurity and ransomware tabletop exercises with management and other company functional stakeholders to practice rapid cyber incident response. •Supplier Engagement – We provide training and other resources to our suppliers to support cybersecurity resiliency and data security principles in our supply chain. We also require our suppliers, subcontractors and third-party service providers to comply with our standard cybersecurity-related terms and conditions, in addition to any requirements from our customers, as a condition of doing business with us, and require them to complete information security questionnaires to review and assess any potential cyber-related risks depending on the nature of the services or products being provided. •Third Party Cybersecurity Service Providers – We engage third party service providers to expand the capabilities and capacity of our cybersecurity program, including for design, monitoring and testing of the program’s risk prevention and protection measures and process execution, including incident detection, investigation, analysis and response, eradication and recovery. Additionally, several external entities evaluate our cybersecurity program, including the U.S. Defense Contract Management Agency, the Defense Industrial Base Cybersecurity Assessment Center and a Cybersecurity Maturity Model Certification Third Party Assessment Organization, to assess and certify our cybersecurity regulatory compliance. We also engage with external auditors and consultants who conduct audits and assessments of our cybersecurity controls. •Product Security – We provide cyber threat intelligence to, and collaboration with, our product security teams and share expertise in cyber vulnerability, exploit and resilience technology that can be applied to network infrastructure and company product offerings.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the company’s risk management process and the risk trends related to cybersecurity at least annually.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the company’s risk management process and the risk trends related to cybersecurity at least annually. The Audit and Risk Committee specifically assists the Board in its oversight of risks related to cybersecurity.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the company’s risk management process and the risk trends related to cybersecurity at least annually. The Audit and Risk Committee specifically assists the Board in its oversight of risks related to cybersecurity. To help ensure effective oversight, the CISO briefs the Audit and Risk Committee on the company’s information security and cybersecurity risk posture at least four times a year. In addition, the company’s Enterprise Risk Management Council (ERMC) considers risks relating to cybersecurity, among other significant risks, and applicable mitigation plans to address such risks. The ERMC is comprised of the Executive Leadership Team, as well as the Chief Accounting Officer, Chief Ethics and Compliance Officer, Corporate Secretary, Chief Sustainability Officer, Treasurer and Vice President, Internal Audit. The CISO and the CIDO (previously the CIO) attend each ERMC meeting. The ERMC meets during the year and receives periodic updates from the CIDO and CISO on cybersecurity risks. We have an established process governing our response to a cybersecurity incident from detection to mitigation, recovery, assessment, internal and external notifications and functional stakeholder engagements with legal, privacy and risk management, among others. Depending on the nature and severity of an incident, this process provides for escalating notification to our CEO and the Board (including our Lead Independent Director and the Audit and Risk Committee chair), as appropriate.
Cybersecurity Risk Role of Management [Text Block]	The CISO is responsible for the assessment and management of cybersecurity risk and the resiliency, protection and defense of our networks and systems
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	In 2024, our global cybersecurity function was maintained in our Chief Information Office, led by our Chief Information Officer (CIO), who reported to our CEO. In 2025, we have brought together our chief information and digital transformation offices into a newly formed Chief Information and Digital Office, led by our Chief Information and Digital Officer (CIDO), who reports to the CEO. The Chief Information Security Officer (CISO), who previously reported to the CIO, now reports to the CIDO and continues to lead our cybersecurity functions.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	The CISO leads a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, data protection, privacy, insider threats and regulatory compliance. The current CISO is an executive with extensive technical and operational experience in building and leading cybersecurity and resiliency teams in the industry and government.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	The CISO and the CIDO (previously the CIO) attend each ERMC meeting. The ERMC meets during the year and receives periodic updates from the CIDO and CISO on cybersecurity risks. We have an established process governing our response to a cybersecurity incident from detection to mitigation, recovery, assessment, internal and external notifications and functional stakeholder engagements with legal, privacy and risk management, among others. Depending on the nature and severity of an incident, this process provides for escalating notification to our CEO and the Board (including our Lead Independent Director and the Audit and Risk Committee chair), as appropriate.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2024

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Our approach to cybersecurity risk management includes the following key elements:

•Multi-Layered Defense and Continuous Monitoring – We work to protect our computing environments and products from cybersecurity threats through multi-layered defenses and apply lessons learned from our defense and monitoring efforts to help prevent future attacks. We utilize data analytics to detect anomalies and search for cyber threats. Our Cybersecurity Operations Center provides comprehensive cyber threat detection and response capabilities and maintains a 24x7 monitoring system which complements the technology, processes and threat detection techniques we use to monitor, manage and mitigate cybersecurity threats or vulnerabilities. From time to time, we engage third-party consultants or other advisors to assist in assessing, identifying and/or managing cybersecurity threats. We also periodically use our Internal Audit function to conduct additional reviews and assessments.

•Insider Threats – We maintain an insider threat program, led by our Vice President, Corporate and Enterprise Security, designed to identify, assess, and address potential risks from within our company. Our

program evaluates potential risks consistent with industry practices, customer requirements and applicable law, including privacy and other considerations.

•Information Sharing and Collaboration – We work with government, customer, industry and/or supplier partners, such as the National Defense Information Sharing and Analysis Center and other government-industry partnerships, to gather and develop best practices and share information to address cyber threats. These relationships enable the rapid sharing of threat and vulnerability mitigation information across the defense industrial base and supply chain.

•Third Party Risk Management – We conduct cybersecurity assessments before sharing or allowing the hosting or processing of sensitive data in computing environments managed by third parties, and our standard terms and conditions contain contractual provisions requiring certain cybersecurity and data protections and controls. Finally, we require these third parties to notify us promptly of cyber incidents or data breaches so that we can assess potential impact on us.

•Training and Awareness – We provide annual cybersecurity and information security awareness training to our employees with network access to help identify, avoid and mitigate cybersecurity threats and insider risks. This training also includes awareness about the policies and guidance associated with data privacy and protection of personal information, and protection and security of our company, customer and other third-party data. Our employees with network access also participate in annual spear phishing exercises. We also periodically host cybersecurity and ransomware tabletop exercises with management and other company functional stakeholders to practice rapid cyber incident response.

•Supplier Engagement – We provide training and other resources to our suppliers to support cybersecurity resiliency and data security principles in our supply chain. We also require our suppliers, subcontractors and third-party service providers to comply with our standard cybersecurity-related terms and conditions, in addition to any requirements from our customers, as a condition of doing business with us, and require them to complete information security questionnaires to review and assess any potential cyber-related risks depending on the nature of the services or products being provided.

•Third Party Cybersecurity Service Providers – We engage third party service providers to expand the capabilities and capacity of our cybersecurity program, including for design, monitoring and testing of the program’s risk prevention and protection measures and process execution, including incident detection, investigation, analysis and response, eradication and recovery. Additionally, several external entities evaluate our cybersecurity program, including the U.S. Defense Contract Management Agency, the Defense Industrial Base Cybersecurity Assessment Center and a Cybersecurity Maturity Model Certification Third Party Assessment Organization, to assess and certify our cybersecurity regulatory compliance. We also engage with external auditors and consultants who conduct audits and assessments of our cybersecurity controls.

•Product Security – We provide cyber threat intelligence to, and collaboration with, our product security teams and share expertise in cyber vulnerability, exploit and resilience technology that can be applied to network infrastructure and company product offerings.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our Board of Directors is responsible for overseeing our enterprise risk management activities in general, and each of our Board committees assists the Board in the role of risk oversight. The full Board receives an update on the company’s risk management process and the risk trends related to cybersecurity at least annually. The Audit and Risk Committee specifically assists the Board in its oversight of risks related to cybersecurity.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

In addition, the company’s Enterprise Risk Management Council (ERMC) considers risks relating to cybersecurity, among other significant risks, and applicable mitigation plans to address such risks. The ERMC is comprised of the Executive Leadership Team, as well as the Chief Accounting Officer, Chief Ethics and Compliance Officer, Corporate Secretary, Chief Sustainability Officer, Treasurer and Vice President, Internal Audit. The CISO and the CIDO (previously the CIO) attend each ERMC meeting. The ERMC meets during the year and receives periodic updates from the CIDO and CISO on cybersecurity risks. We have an established process governing our response to a cybersecurity incident from detection to mitigation, recovery, assessment, internal and external notifications and functional stakeholder engagements with legal, privacy and risk management, among others. Depending on the nature and severity of an incident, this process provides for escalating notification to our CEO and the Board (including our Lead Independent Director and the Audit and Risk Committee chair), as appropriate.

Cybersecurity Risk Role of Management [Text Block]

The CISO is responsible for the assessment and management of cybersecurity risk and the resiliency, protection and defense of our networks and systems

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

In 2024, our global cybersecurity function was maintained in our Chief Information Office, led by our Chief Information Officer (CIO), who reported to our CEO. In 2025, we have brought together our chief information and digital transformation offices into a newly formed Chief Information and Digital Office, led by our Chief Information and Digital Officer (CIDO), who reports to the CEO. The Chief Information Security Officer (CISO), who previously reported to the CIO, now reports to the CIDO and continues to lead our cybersecurity functions.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

The CISO leads a team of cybersecurity professionals with broad experience and expertise, including in cybersecurity threat assessments and detection, mitigation technologies, cybersecurity training, incident response, cyber forensics, data protection, privacy, insider threats and regulatory compliance. The current CISO is an executive with extensive technical and operational experience in building and leading cybersecurity and resiliency teams in the industry and government.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

The CISO and the CIDO (previously the CIO) attend each ERMC meeting. The ERMC meets during the year and receives periodic updates from the CIDO and CISO on cybersecurity risks. We have an established process governing our response to a cybersecurity incident from detection to mitigation, recovery, assessment, internal and external notifications and functional stakeholder engagements with legal, privacy and risk management, among others. Depending on the nature and severity of an incident, this process provides for escalating notification to our CEO and the Board (including our Lead Independent Director and the Audit and Risk Committee chair), as appropriate.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true