{"id":4097,"date":"2026-01-13T09:05:18","date_gmt":"2026-01-13T09:05:18","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/01\/13\/cisa-closes-ten-emergency-directives-after-federal-cyber-reviews\/"},"modified":"2026-01-13T09:05:18","modified_gmt":"2026-01-13T09:05:18","slug":"cisa-closes-ten-emergency-directives-after-federal-cyber-reviews","status":"publish","type":"post","link":"https:\/\/ft365.org\/index.php\/2026\/01\/13\/cisa-closes-ten-emergency-directives-after-federal-cyber-reviews\/","title":{"rendered":"CISA Closes Ten Emergency Directives After Federal Cyber Reviews"},"content":{"rendered":"<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>Ten Emergency Directives issued between 2019 and 2024 have been formally retired by the US Cybersecurity and Infrastructure Security Agency (CISA) following a review that found their objectives had been met.<\/p>\n<p>The decision marks the most significant number of Emergency Directives closed at once and reflects changes in how cyber-risk is managed across federal civilian agencies.<\/p>\n<p>The update follows CISA\u2019s assessment that required remediation actions have either been fully implemented by Federal Civilian Executive Branch agencies or incorporated into Binding Operational Directive 22-01.<\/p>\n<p>That standing directive addresses the ongoing risk posed by known exploited vulnerabilities (KEVs) and now serves as the primary mechanism for managing those issues.<\/p>\n<h2>From Temporary Mandates to Ongoing Controls<\/h2>\n<p>Emergency Directives are issued to address urgent and imminent threats and are intended to remain active only as long as necessary. CISA said sustained coordination with federal agencies helped resolve the underlying risks, embed cybersecurity best practices and reduce reliance on time-limited emergency measures.<\/p>\n<p>\u201cAs the operational lead for federal cybersecurity, CISA leverages its authorities to strengthen federal systems and defend against unacceptable risks,\u201d said\u00a0acting director, Madhu Gottumukkala.<\/p>\n<p>\u201cThe closure of these ten Emergency Directives reflects CISA\u2019s commitment to operational collaboration across the federal enterprise.\u201d<\/p>\n<p>Several of the retired directives were linked to specific Common Vulnerabilities and Exposures (CVEs). Those issues are now tracked through CISA\u2019s KEV catalog, which standardizes how agencies identify and remediate widely exploited flaws.\u00a0<\/p>\n<p><em>Read more on federal cybersecurity: US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks<\/em><\/p>\n<h2>Emergency Directives Now Closed<\/h2>\n<p>The directives no longer in force include:<\/p>\n<ul>\n<li>\n<p>ED 19-01 addressing DNS infrastructure tampering<\/p>\n<\/li>\n<li>\n<p>ED 20-02 through ED 20-04 related to Windows and Netlogon vulnerabilities<\/p>\n<\/li>\n<li>\n<p>ED 21-01 through ED 21-04 covering SolarWinds Orion, Microsoft Exchange, Pulse Connect Secure and Windows Print Spooler<\/p>\n<\/li>\n<li>\n<p>ED 22-03 focused on VMware vulnerabilities<\/p>\n<\/li>\n<li>\n<p>ED 24-02 concerning the nation-state compromise of Microsoft corporate email systems<\/p>\n<\/li>\n<\/ul>\n<p>CISA said three of these directives (19-01, 21-01\u00a0and 24-02) were closed after determining their requirements no longer aligned with the current risk posture or operational practices.<\/p>\n<p>Emergency Directives will continue to be issued when needed, but CISA emphasized long-term risk reduction increasingly relies on standardized directives and secure-by-design principles across federal systems.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Ten Emergency Directives issued between 2019 and 2024 have been formally retired by the US Cybersecurity and Infrastructure Security Agency (CISA) following a review that found their objectives had been met. The decision marks the most significant number of Emergency Directives closed at once and reflects changes in how cyber-risk is managed across federal civilian<\/p>\n","protected":false},"author":2,"featured_media":4098,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4097","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"thumbnail":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d-150x150.jpg",150,150,true],"medium":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"medium_large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"1536x1536":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"2048x2048":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"morenews-featured":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"morenews-large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"morenews-medium":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d.jpg",300,300,false],"crawlomatic_preview_image":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/01\/4097-4645c9e4-a2fb-43b5-a247-953a4dc8fc3d-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"https:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"https:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=4097"}],"version-history":[{"count":0,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4097\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/4098"}],"wp:attachment":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=4097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=4097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=4097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}