Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

CISA: Remove EOL Edge Kit Before Cybercriminals Strike

Federal agencies must inventory unsupported edge devices within three months and replace them within one year to reduce risks from cyberattacks, CISA said.

  • On Thursday, the Cybersecurity and Infrastructure Security Agency issued a binding operational directive requiring federal civilian executive branch agencies to inventory and replace unsupported edge devices within specified deadlines.
  • CISA warned that unsupported edge devices create a `substantial and constant` risk, and persistent cyber threat actors increasingly exploit them to gain network access and exfiltrate data.
  • Within three months, agencies must report devices from CISA's EOS Edge Device List, inventory all edge devices losing support within 12 months, and decommission listed EOS devices within the same 12 months.
  • The directive forces federal agencies to absorb procurement and operational burdens as CISA will monitor compliance and provide support with the Office of Management and Budget but has limited enforcement authority.
  • Working with the FBI and the U.K. NCSC, CISA is producing a private EOS Edge Device List and fact sheet to help agencies comply, urging nonfederal organizations and allies to adopt similar measures.
Insights by Ground AI

14 Articles

Tech RadarTech Radar
Center

CISA tells federal agencies to replace at-risk end-of-life edge devices

CISA has given federal agencies 12 months to remove and replace edge devices which have reached end-of-service.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

CISA: Remove EOL edge kit before cybercriminals strike

: A year to replace end-of-support firewalls, routers, and VPN gateways

Read Full Article
BleepingComputerBleepingComputer
Center

CISA orders federal agencies to replace end-of-life edge devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers.

Read Full Article
Federal News NetworkFederal News Network
Center

CISA tells agencies to identify, upgrade unsupported edge devices

CISA's new binding operational directive comes amid persistent concerns about nation-state adversaries targeting end-of-service edge devices, like routers.

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

CISA orders feds to disconnect unsupported network edge devices

The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter.

Read Full Article
NextgovNextgov
Reposted by
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators
Center

CISA orders agencies to patch and replace end-of-life devices, citing active exploitation

The directive gives agencies three months to identify unsupported edge devices, a year to begin removing them and 18 months to eliminate them entirely.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

cisa.gov broke the news in on Thursday, February 5, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

CISA icon

CISA

United States icon

United States

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal