CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity

PRESS RELEASE CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity This is just another example of CISA advancing federal cyber resilience and building a stronger, safer digital infrastructure for America’s future. ReleasedJanuary 08, 2026 RELATED TOPICS: CYBERSECURITY BEST PRACTICES WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the successful retirement of ten Emergency Directives issued between 2019-2024. Marking a significant milestone in federal cybersecurity, this is the highest number of Emergency Directives retired by the agency at one time. These directives achieved their mission to mitigate urgent and imminent risks to Federal Civilian Executive Branch (FCEB) agencies. Since their issuance, CISA has partnered closely with federal agencies to drive remediation, embed best practices and overcome systemic challenges - establishing a stronger, more resilient digital infrastructure for a more secure America.  By statute, CISA issues Emergency Directives to rapidly mitigate emerging threats and to minimize the impact by limiting directives to the shortest time possible. Following a comprehensive review of all active directives, CISA determined that required actions have been successfully implemented or are now encompassed through Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities.   “As the operational lead for federal cybersecurity, CISA leverages its authorities to strengthen federal systems and defend against unacceptable risks, especially those related to hostile nation-state actors. When the threat landscape demands it, CISA mandates swift, decisive action by Federal Civilian Executive Branch (FCEB) agencies and continues to issue directives as needed to drive timely cyber risk reduction across federal enterprise,” said CISA Acting Director Madhu Gottumukkala. “The closure of these ten Emergency Directives reflects CISA’s commitment to operational collaboration across the federal enterprise. Every day, CISA’s exceptional team works collaboratively with partners to eliminate persistent access, counter emerging threats, and deliver real-time mitigation guidance. Looking ahead, CISA continues to advance Secure by Design principles – prioritizing transparency, configurability, and interoperability - so every organization can better defend their diverse environments.”  Emergency Directives tied to specific Common Vulnerabilities and Exposures (CVEs) have been retired because those vulnerabilities are now included in CISA’s Known Exploited Vulnerabilities (KEV) catalog. These directives include EDs 2002, 2003, 2004, 2102, 2103, 2104, and 2203. For EDs 1901, 2101, and 2402, CISA determined that their objectives were achieved, requirements no longer align with the current risk posture, and changes in practices have rendered the directives obsolete.  The following Emergency Directives are now formally closed:    ED 19-01: Mitigate DNS Infrastructure Tampering      ED 20-02: Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday    ED 20-03: Mitigate Windows DNS Server Vulnerability from July 2020 Patch Tuesday  ED 20-04: Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday   ED 21-01: Mitigate SolarWinds Orion Code Compromise    ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities   ED 21-03: Mitigate Pulse Connect Secure Product Vulnerabilities  ED 21-04: Mitigate Windows Print Spooler Service Vulnerability  ED 22-03: Mitigate VMware Vulnerabilities   ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System   CISA is committed to evolving federal cybersecurity practices and ensuring sustained protection against the most critical and multiplying risks. For more information on CISA Directives, visit Cybersecurity Directives.   ### About CISA  As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day. Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.  Related Articles FEB 25, 2026 PRESS RELEASE Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems FEB 13, 2026 PRESS RELEASE CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure FEB 11, 2026 PRESS RELEASE CISA’s 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure FEB 05, 2026 PRESS RELEASE CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats