Cybersecurity Briefing — CISA Emergency Directive 20-03 mandates Microsoft 365 hardening
CISA issued Emergency Directive 20-03 on 18 May 2020 requiring federal agencies to implement Microsoft 365 security configurations to mitigate credential theft and improper access control.
On 18 May 2020 the Cybersecurity and Infrastructure Security Agency (CISA) published Emergency Directive 20-03, ordering U.S. federal civilian agencies to enforce multi-factor authentication (MFA), disable legacy authentication, restrict Power Platform service principals, and review privileged roles across Microsoft 365 tenants.
Security teams should mirror the directive's checks—tightening identity controls, auditing mailbox forwarding, and monitoring OAuth apps—to reduce account takeover risk in shared collaboration environments.