The Cybersecurity and Infrastructure Security Agency (CISA) recently issued guidance on protecting the security of organizations’ social media accounts to reduce the risk of unauthorized access to those accounts.

The guidance, entitled The Capacity Enhancement Guide (CEG): Social Media Account Protection, provides tips for organizations to protect social media accounts from malicious cyber actors. CISA recommends that organizations:

  • Establish and maintain a social media policy;
  • Implement credential management;
  • Enforce multi-factor authentication (MFA);
  • Manage account privacy settings;
  • Use trusted devices;
  • Vet third-party vendors;
  • Maintain situational awareness of cybersecurity threats; and
  • Establish an incident response plan.