Email security firm Agari posted an article reminding us how the attack surface from the scourge known as business email compromise (BEC) is larger than we may think. Agari points out the need to protect against the compromised supply chain, in what is referred to as vendor email compromise (VEC). With the majority of phishing emails we receive impersonating trusted suppliers, it is imperative that organizations are intentional about securing their supply chain. WaterISAC’s 15 Cybersecurity Fundamentals, #13 – Secure the Supply Chain includes tips and resources to help members manage their risk from third parties. Read the post at Agari