About Josh
Josh Lospinoso isn’t your average hacker. Most hackers aren’t Rhodes Scholars. As a kid growing up in New Jersey during 9/11, Josh was drawn to service - but he had no idea he’d soon be hacking military weapon systems. As an Army Cyber Officer, he discovered critical vulnerabilities in mission essential platforms that revealed a sobering reality: these sophisticated weapons systems (flying computers!) were dangerously vulnerable to cyber threats. So after spending years building cyber tools at the National Security Agency, he founded (and exited) his first startup, a cybersecurity outfit called Red Owl Analytics. And then, he dove into an even bigger challenge, head-on. His background - Rhodes Scholar, PhD in Statistics, veteran - gave him unique credibility with both the defense establishment and the venture community. And today, he’s at the forefront of one of the most important missions: securing our operational technology systems.
About Shift5
What began as a cybersecurity company for weapon systems has evolved into a comprehensive observability platform for military platforms. Their technology now helps prevent accidents, improve maintenance, and protect critical systems on platforms like the F-22, V-22, and more.
Key Takeaways
1. System Mastery Before Disruption: The best innovators in defense aren't system destroyers - they're system masters. As Josh notes, "Hackers actually have the deepest respect for rules. You have to understand a system completely to find outcomes the rules didn't anticipate but still support." For founders, this means deeply understanding defense processes before trying to change them.
2. Creative Problem Solving Beats Resources: When Shift5 needed to demo their capability but couldn't bring a military vehicle to VCs, they hacked apart a Honda Civic and rebuilt it on plywood. The lesson? Early-stage defense tech isn't about having perfect resources - it's about creatively proving capability with what you have.
3. R&D Funding is a Tool, Not a Business: SBIR Phase II and other R&D contracts should be viewed as "government-funded IRAD" or "negative customer acquisition cost" - not sustainable revenue. Use them to fund development and maintain customer relationships while working on the real prize: getting into the POM (Program Objective Memorandum).
4. Going to Market in Defense is a Three-Legged Stool: Defense go-to-market requires three elements: sales, marketing, and government affairs. Most founders focus on the first two while neglecting government affairs until too late. Even with strong customer relationships, without budget allocation, you can't scale.
5. Product Evolution Through User Observation: Shift5's expansion from cybersecurity to full observability came from watching maintainers interact with their system. Your initial product might open doors to much larger opportunities - but only if you're paying attention to how users actually interact with it.
For entrepreneurs building in defense tech, Shift5's journey demonstrates that success comes from balancing technical excellence with bureaucratic navigation. It's not enough to build great technology - you need to master the system, demonstrate value creatively, and build the infrastructure for sustained growth through program dollars. While there is no single playbook for going to market in the defense industry, hard-won lessons from people like Josh can peel back the curtain and illuminate the way.
For more Crossing the Valley: www.valleycrossers.com
For more on Shift5: https://shift5.io/
Follow Josh: https://www.linkedin.com/in/jalospinoso/
Follow Noah: https://www.linkedin.com/in/noahsheinbaum/
Subscribe to Crossing the Valley for more conversations with leaders revolutionizing defense technology.
Share this post