Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

The Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive 26-02, Mitigating Risk From End-of-Support Edge Devices

The directive requires Federal Civilian Executive Branch (FCEB) agencies to take specific actions to drive down technical debt and minimize the risk of compromise.

Within a specified timeframe, FCEB agencies must strengthen asset lifecycle management for active edge devices and remove any hardware and software devices that is no longer supported by its original equipment manufacturer. 

Persistent cyber threat actors are increasingly exploiting unsupported edge devices – hardware and software that no longer receive vendor updates to firmware or other security patches. Positioned at the network perimeter, these devices are especially vulnerable to persistent cyber threat actors exploiting a new or known vulnerability. 

Return to Alerts

Click to listen highlighted text!