The breach led senior leaders from across the organization to abandon a previously siloed approach and work together more closely, Mendes said Wednesday during a keynote at the 2022 Zero Trust Summit, presented by CyberScoop.
“Historically, Commerce would go to the Hill, get the budget, then find the solution on a bureau-by-bureau basis,” he said. “When SolarWinds came about and Congress decided to do security … we got together all of the best people in cybersecurity from the bureaus [at Commerce] and said: ‘You’re not going to leave until we put together a plan for everybody.'”
Mendes said that despite some initial resistance, IT leaders across the agencies in short order realized the benefit of working together.
“[The] reality is there is the ability to make synergies between bureaus and leverage each other’s data,” he added.
Following the discovery of the SolarWinds breach in December 2020, federal agencies sought to rapidly improve internal and external communication in response to the incident.
Shortly after the attack was discovered, CISA, the FBI and ODNI set up a unified coordination group (UCG) to respond to the incident, according to a GAO report. A similar UCG was also subsequently set up in March 2021 in response to the Microsoft Exchange server hack.
While details of the SolarWinds breach were publicly disclosed in December 2020, cyber forensics specialists believe that the malicious actors responsible for the breach may have been preparing to carry out the attack since 2019.