We are Growing, stay tuned.

Cannabis Information Sharing & Analysis organization

The Cannabis Information Sharing & Analysis Organization (ISAO) is a member-driven non-profit association formed in April 2021 with the mission of being the cannabis industry’s primary resource for information on physical, cyber, and natural threats, risks, and mitigation. As an organization we provide threat reporting, as well as provide a platform for our members to collaborate and share threat related information and best practices in order to build a more resilient industry. In addition we focus on capacity building through educational opportunities and workshops in order to establish industry best practices. As legalization continues around the globe, and investments within the industry grow, we feel the time is now for the industry to chart its own security path. Our team is excited to help the industry grow its resiliency against all forms of hazards, whether from cybercriminals, physical attacks, or natural disasters.

WHAT DOES AN ISAO DO?

An Information Sharing and Analysis Organization (ISAO) is a trusted community that actively collaborates to identify and disseminate information about all types of threats, including cybersecurity, physical, and natural disaster. These organizations focus on providing technical threat information. An ISAO gathers data about threat actors and their techniques from various sources. This data can come from governments, large and small companies, and organizations from around the world. The ISAO then analyzes this data, turns it into useable information, and sends it to its members. Because an ISAO provides relevant, useful information, it effectively becomes a trusted advisor that raises an industry’s resiliency. In addition, ISAOs help raise organizational capacity through training and helping establish industry standards. The following graphic from the European Union Agency for Network and Information Security provides a helpful visual.
Graphic from the European Union Agency For Network and Information Security
Graphic from the European Union Agency For Network and Information Security

Cybersecurity

Keeping your information security officers up to date on the latest threats and trends. Learn best practices for mitigating and responding to ransomware, business email compromise, third-party risk management, phishing attempts, social engineering, and much, more.

Physical Security

The Cannabis industry has long been a cash-based industry, at risk from physical attacks. We go deeper than reviewing simple robberies to also provide resources to mitigate and respond to threats like active-shooter incidents and risks civil disturbances can have on business practices.

Natural Events

Whether it be an earthquake, wildfire, hurricane, flooding, or any other naturally occurring event, these incidents can have serious impacts on individual businesses and supply chains. These resources will help prepare from those inevitable events.

Our latest Posts
View blog

gun pointing

Cannabis ISAO Director’s Cut: December 03

In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories from the past week.

Holiday Phishing

Library Card Series: Holiday Season Vigilance

In this week’s Library Card Series we’ll go over safety precautions for the holiday season with the Cybersecurity & Infrastructure Security Agency’s (CISA) Guide for Holiday Vigilance.

Library Card Series: Workplace Violence

In this week’s Library Card Series we will be going over the FBI’s report on Workplace Violence. The report helps organizations better understand how to prevent, and intervene violence in the workplace, while also arming them to effectively conduct threat assessments and and risk management.