
CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019-2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the retirement of 10 Emergency Directives (EDs) issued between 2019 and 2024. Among the directives being retired are ED 19-01, which addressed the mitigation of DNS infrastructure tampering; ED 20-02, which pertained to the patching of Windows vulnerabilities from the January 2020 Patch Tuesday; and ED 20-03, which focused on mitigating vulnerabilities in Windows DNS servers. The announcement was made on January 16, 2026.
Emergency Directives are issued by CISA to mandate immediate action by federal civilian executive branch agencies in response to critical cybersecurity vulnerabilities or threats. The retirement of these directives has been announced without details on the reasons for their retirement or any residual impacts.
From a technical perspective, the directives being retired cover critical areas of cybersecurity. ED 19-01 likely addressed risks associated with DNS tampering, such as cache poisoning or man-in-the-middle attacks, which can lead to data exfiltration or unauthorized access to systems. ED 20-02 would have focused on patching vulnerabilities in Windows systems that could be exploited for remote code execution or privilege escalation. ED 20-03 targeted vulnerabilities in Windows DNS servers, which are crucial for network operations and can be exploited to disrupt services or launch further attacks.
For cybersecurity professionals, the retirement of these directives highlights the importance of staying current with threat intelligence and security best practices. While the specific directives may no longer be in effect, the underlying vulnerabilities they addressed may still exist in unpatched or legacy systems. Therefore, it is crucial to maintain robust patch management processes and continue monitoring for emerging threats.
The lack of information on the reasons for retirement or residual impacts makes it difficult to assess the current threat landscape or the effectiveness of the mitigations implemented in response to these directives. Cybersecurity professionals should review their current security postures to ensure that the mitigations recommended in these directives are still appropriate and effective for their environments.