CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

Government / Vulnerability Management

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it’s retiring 10 emergency directives (Eds) that were issued between 2019 and 2024.

The list of the directives now considered closed is as follows -

• ED 19-01: Mitigate DNS Infrastructure Tampering
• ED 20-02: Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday
• ED 20-03: Mitigate Windows DNS Server Vulnerability from July 2020 Patch Tuesday
• ED 20-04: Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday
• ED 21-01: Mitigate SolarWinds Orion Code Compromise
• ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities
• ED 21-03: Mitigate Pulse Connect Secure Product Vulnerabilities
• ED 21-04: Mitigate Windows Print Spooler Service Vulnerability
• ED 22-03: Mitigate VMware Vulnerabilities
• ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

Stating that these directives were issued with an intent to safeguard Federal Civilian Executive Branch (FCEB) agencies potential risks, CISA said it worked closely with federal agencies to remediate them, incorporate best practices, and establish a more resilient digital infrastructure.

CISA also said such directives are published to ensure that emerging threats are mitigated in a timely manner, adding required actions have been either successfully implemented or are now enforced through Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities.

“As the operational lead for federal cybersecurity, CISA leverages its authorities to strengthen federal systems and defend against unacceptable risks, especially those related to hostile nation-state actors,” said CISA Acting Director Madhu Gottumukkala. "The closure of these ten Emergency Directives reflects CISA’s commitment to operational collaboration across the federal enterprise.

“Every day, CISA’s exceptional team works collaboratively with partners to eliminate persistent access, counter emerging threats, and deliver real-time mitigation guidance. Looking ahead, CISA continues to advance Secure by Design principles – prioritizing transparency, configurability, and interoperability - so every organization can better defend their diverse environments.”

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.