Home / Technology / CISA Retires 10 Emergency Directives: A Cybersecurity Milestone
CISA Retires 10 Emergency Directives: A Cybersecurity Milestone
10 Jan
Summary
- CISA retired ten Emergency Directives issued between 2019 and 2024.
- This action marks the largest simultaneous retirement of Emergency Directives by CISA.
- The retired directives are now encompassed by Binding Operational Directive 22-01.
The US Cybersecurity and Infrastructure Security Agency (CISA) recently announced the retirement of ten Emergency Directives (EDs), representing the largest simultaneous closure of these mandates in its history. Issued between 2019 and 2024, these directives have now fulfilled their purpose, with many either fully implemented or absorbed into the framework of Binding Operational Directive 22-01.
This significant action underscores CISA's dedication to its Secure by Design principles, which prioritize enhanced security, transparency, and configurability within federal cybersecurity. The agency emphasized its ongoing commitment to issuing directives as necessary to swiftly address emergent cyber threats and reduce risks across federal civilian executive branch agencies.
Binding Operational Directive 22-01, established on November 3, 2021, now supersedes many of the retired EDs. It mandates that federal agencies prioritize the remediation of actively exploited vulnerabilities, ensuring a more focused and effective approach to cybersecurity risk management.
