CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices
Release Date February 04, 2025
CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems. The published guidance is as follows:

“Security Considerations for Edge Devices,” led by the Canadian Centre for Cyber Security (CCCS), a part of the Communications Security Establishment Canada.
“Digital Forensics Monitoring Specifications for Products of Network Devices and Applications,” led by the United Kingdom’s National Cyber Security Centre (NCSC-UK).
“Mitigation Strategies for Edge Devices: Executive Guidance” and “Mitigation Strategies for Edge Devices: Practitioner Guidance,” two separate guides led by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).
Foreign adversaries routinely exploit software vulnerabilities in network edge devices to infiltrate critical infrastructure networks and systems. The damage can be expensive, time-consuming, and reputationally catastrophic for public and private sector organizations. These guidance documents detail various considerations and strategies for a more secure and resilient network both before and after a compromise.
[https://www.cisa.gov/news-events/alerts/2025/02/04/cisa-partners-asds-acsc-cccs-ncsc-uk-and-other-international-and-us-organizations-release-guidance]