The new directive from CISA aims to help federal agencies identify and secure their network devices that are exposed to the public internet.