In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories from the past week.
A White House Memo to Corporate Executives and Business Leaders with the subject line “What We Urge You To Do To Protect Against The Threat of Ransomware” was released earlier this week. The memo states “Under President Biden’s leadership, the Federal Government is stepping up to do its’ part, working with like-minded partners around the world to disrupt and deter ransomware actors. These efforts include disrupting ransomware networks, working with international partners to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies towards ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds.” A key takeaway is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively. This memo comes out at the Department of Justice has indicated they will start investigating ransomware gangs in the same way they handle foreign and domestic terrorists.
Ransomware: What Board Members Should Know and What They Should be Asking Their Technical Experts. This blog from the UK’s National Cyber Security Centre, part of the Cyber Security Toolkit for Boards, explains the basics of ransomware, and suggests relevant questions that board members might want to ask their technical experts to help drive greater cyber resilience against these types of attack. The blog suggests that organization board members ask these five key questions:
- As an organization and as board members, how would we know when an incident occurred?
- As an organization, what measures do we take to minimize the damage an attacker could do inside our network?
- As an organization, do we have a incident management plan for cyber incidents and how do we ensure it is effective?
- Does our incident management plan meet the particular challenges of ransomware attacks?
- How is data backed up, and are we confident that backups would remain unaffected by a ransomware infection?
This document can be particularly useful if your board does not have tons of institutional cybersecurity knowledge. It’s important that organizations take proactive measures and not simply rely on insurance to solve all of their data breach problems. As we shared last week, cyber insurance is not a substitute for cybersecurity.
In 2013, the FBI began its initial review of active shooter incidents, which has been updated periodically and has now been updated into a more comprehensive reference. The FBI defines an “active shooter” as one or more individuals actively engaged in killing or attempting to kill people in a populated area. Implicit in this definition is the shooter’s use of one or more firearms. The “active” aspect of the definition inherently implies the ongoing nature of the incidents, and thus the potential for the response to affect the outcome. The report identifies 333 incidents between 2000-2019 that met their search criteria, and the report acknowledges there may be incidents that were not captured as they fell just outside of those criteria. This report includes as additional 28 incidents which were not previously included in reporting. The potential for active-shooter incidents is a serious concern for the cannabis industry, particularly in light of the Forbes report about “Budtenders Arming Themselves as Gunman Target Dispensaries.” In addition to the 20 year review, partners are encouraged to review the active shooter resources that have been made available by the FBI, and consider additional training and workshop opportunities to increase organizational resilience. Below is a breakdown of some of the report statistics which are relevant to the commercial facilities sector:
- 333 total incidents in 43 states and DC
- 2,851 total casualties (excluding shooters)
- 135 incidents met “mass killing” definition of 3 or more killings in a single incident
- Incidents at Businesses Open to Pedestrian Traffic- 96
- Incidents at Businesses Closed to Pedestrian Traffic- 41
- Incidents at Malls- 10
According to an informal survey by MJBIZDaily, many marijuana, CBD, and hemp retailers are slowly adjusting their store protocols for mask-wearing and social distancing, but others are still requiring masks, particularly for unvaccinated customers. Retail operators have often been on the front lines of mask disputes over the past year with countless examples of confrontations between employees and customers who did not wish to abide by policies. Many in the retail world have worried the sudden CDC announcement failed to properly consider the impact of the new policy on front line workers. To help minimize potential confrontations, retailers should make any of their COVID policy changes known with clear signs, as well as through any available means such as social media posts and newsletters. This article from Risk Management Magazine details protocols for facing customers who refuse to wear masks.
June 1 marks the official start to the Atlantic Hurricane Season which will run until November 30. For up to date tracking Hurrevac is a web-based hurricane tracking and decision support tool. It is a resource during evacuations, as well as providing a common forecast picture for emergency managers. The toll features evacuation timing reports, national storm surge maps, and storm simulation. Registration is now open for the National Hurricane Program’s annual HURREVAC webinar series. Trainings will be held each afternoon during the week of June 7 for a look at what’s new in HURREVAC beginning with the 2021 season and to offer a comprehensive understanding of the program’s utility to emergency managers.
Be sure to check back every Tuesday as we publish our Library Card Series where we highlight one of the resources available in our library!
Check out the latest blog!Tweet