In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories from the past week.


Kroll Data Breach Report: Less-Regulated Industries Targeted

The number of data breach notifications jumped 140% in 2020 from the previous year, with a surge in attacks against less-regulated industries, according to Kroll’s 2021 Data Breach Outlook. When they targeted less-regulated industries (including several areas very relevant to Commercial Facilities) – such as food and beverage, construction and agriculture – attackers were “making some assumptions that they are lacking some best security practices that would help them reduce the risk of a cyberattack,” says Brian Lapidus, global practice leader for Kroll’s identity theft and breach notification practice. Heather Williams, associate managing director of Kroll’s cyber risk practice, notes cybercriminals “are really kicking it up a notch” to target industries “that are still critical to our infrastructure but may not be the ones that are the most mature and have much budget to spend on closing gaps in their security.” Given the President’s recent discussion with Russia’s Vladimir Putin, criminals may increase efforts to target entities not directly identified as critical infrastructure but that may have direct impacts to members.

Physical Security

Havenhill Marijuana Store Robbed with BB Gun; Suspect Arrested

Police arrested a Haverhill man Wednesday after he allegedly robbed a recreational marijuana store in the city with a BB gun, in what appears to be the first such incident since legal cannabis dispensaries opened in Massachusetts in 2015. The alleged robbery occurred around 12:31 p.m. at the CNA Stores cannabis retailer on River Street, Haverhill police spokesman Stephen Doherty said. CNA Stores chief executive Rob DiFazio said in a statement that no employees were hurt during the incident, thanks to a quick police response and the shop’s security training and procedures. The Haverhill store, which closed following the alleged robbery, will re-open Thursday morning.

The Increase in Dispensary Crime Just Reaffirms the Need for Cannabis Banking

Delays in legislation that will provide more banking options for cannabis businesses continue to put the industry at risk from robberies and physical violence. In an incident in late 2020, Michael Arthur, a budtender employed at the Cured Green, a single-location legal marijuana dispensary in Oregon, was murdered by armed intruders. His death was part of a number of armed robberies of cannabis dispensaries in Portland. In the past year around two robberies a week occur at Portland dispensaries, with countless more happening every week across the United States. The author of this article contends that “The ever-increasing occurrence of violent incidents has sparked more conversation about whether pot shops should allow their employees to carry weapons.” At the Cannabis ISAO we feel that is akin to expecting teachers to carry weapons in order to prevent school shootings. It is imperative as a nation that we create safer banking opportunities for cannabis businesses and not put unfair burden on frontline workers to carry weapons in order to protect their place of business.

Security Advice for the Cannabis Industry Newcomer

If you fail to plan, you plan to fail. Establishing a robust security plan can help save a lot of money down the road. Of course, physical and cybersecurity threats are ever-evolving and that is why realtime information sharing is so vital in keeping any security relevant. This article does a good job of highlighting some of the considerations that should go into a well rounded security plan.

Natural Threats

U.S.  had had Most Wildfires Through June in 10 Years

As the U.S. has already outpaced early wildfire activity from the past 10 years, officials are warning that we have not yet reached peak wildfire season. The drought conditions that already existed in many areas across the U.S. have been exasperated by an ongoing heat wave . Through June 21, there have been 28,926 large wildfires in the U.S. in 2021, according to the National Interagency Fire Center in Boise, Idaho. This is about 4,000 more wildfires than usual, and the most wildfires to date in any year since 2011. In California, where wildfires charred a record 4.3 million acres last year, state fire officials are pleading with residents to take greater personal responsibility for preventing blazes. The vast majority of wildfires — upward of 90 percent by some estimates — are caused by human activity, so reaching residents is a priority. Several weeks ago in our Library Card Series blog we reviewed’s Wildfire Safety Resources and recommend organizations look through those resources as they are developing or refining a wildfire safety plan for their business.

The Delta Variant Appears to have Tripled to 31% of all US Coronavirus Cases in just 11 Days

As of Wednesday, the Delta coronavirus variant may have been responsible for 31% of all coronavirus cases in the U.S., according to an estimate by the Financial Times. Previous data from the Centers for Disease Control and Prevention put that share of cases at about 10% as of 05 Jun and 2.7% on 22 May. The Financial Times estimate, based on available sequencing data, would mean the share of Delta-variant infections in the US tripled in just 11 days. The CDC has not yet released data on the rate of Delta-variant cases after 05 June in the U.S. but the AP Is reporting that nearly all COVID-19 deaths In U.S. are among the unvaccinated. In Europe, a spike of coronavirus infections is being driven by the Delta variant, according to global health leaders, even as immunization rates in some countries are on the way up. Increased cases reported in the U.K. and Portugal have forced officials to reimplement lockdown restrictions or hold off on lifting pandemic mandates. Officials in France, Germany and Spain said they are closely monitoring clusters of infection tied to the Delta variant.

Security Podcast Recommendation

Nerd Out Podcast!- Reports Galore

In the latest episode of Nerd Out, Dave Pounder is joined by some old friends, Joe Levy and Bridget Johnson, while they welcome in Amanda Mason to the panel where they discuss the latest series of reports from the FBI, the U.S. Senate, and from across the pond and the Manchester Arena bombing inquiry. Amanda is currently serving as the Vice President of Intelligence for the Related Companies and is a valued part of our RE-ISAC  community, where she has been involved in a number of recent briefings and helps lead our Commercial Facilities Cyber Working Group initiative. Read more on Amanda’s background from the link above. They discuss the value of these types of reports, and the lessons that can be learned from the observations. Amanda then shares some of the insight from the January 6th incident at the U.S. Capitol from a first-hand view of the situation as it unfolded. After going through the reports and calling out some of the challenges highlighted, the panel goes through a rapid-fire session with questions ranging from security trends, ransomware, and what the panel is reading or watching. The reports discussed include: Active Shooter Incidents 20-Year Review 2000-2019,  Examining the U.S. Capitol AttackA Review of the Security, Planning, and Response Failures of January 6 Manchester Arena Inquiry.

Be sure to check back every Tuesday as we publish our Library Card Series where we highlight one of the resources available in our library!

Check out the latest blog!