In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories relevant to the cannabis industry.


Here’s What Happened with Log4Shell While You Were Out

The New Year is traditionally a time for “ringing out the old” and “ringing in the new” – for taking stock of what came before and what waits ahead.

Unfortunately, IT and security teams didn’t have that kind of luxury this New Year. Instead, they put the party hats and champagne aside and spent the New Year in something like a dystopian fight for survival. Their adversaries? Hacking and ransomware crews anxious to exploit Log4Shell, a “10 out of 10” remotely exploitable vulnerability in the ubiquitous Log4j open source logging library.

We have compiled a list of useful Log4j related references for IT teams to utilize.

OMMA Warns Of Email Scam Targeting Medical Marijuana Patients

The Oklahoma Medical Marijuana Authority (OMMA) is warning about scammers targeting medical marijuana patients. The OMMA says an email went out asking license holders to verify their email addresses. The agency said a scammer is asking licensees to verify email addresses with a link while using a fake Gmail account. The fake email follows a legitimate OMMA email sent out Tuesday about updating licensees on new software. The OMMA says that if you get that email, delete it, do not click on the link and do not reply to the message.

This is an important reminder about phishing attacks. Training employees to always be suspicious of unsolicited emails can go a long way to building a good cybersecurity safe culture.

Physical Security

Americans for Safe Access Releases Robbery Preparedness Guide

Unfortunately the new year has seen the same trend of dispensary robberies continue. A recent Ganjapreneur article featured industry leaders offering their predictions for 2022. According to The People’s Ecosystem Co-Founder & CEO Christine Del La Rosa, “If California and Oregon are any indications of the future of retail where mass mob robberies are happening with very little intervention or protection from the state I would say that 2022 is going to see an incredible increase in delivery. It is more practical for small operators to implement delivery rather than face the risk to their safety, their employees’ safety, and their business safety in the current climate. And, based on the actions we’ve seen from law enforcement it does not appear that this type of danger to operators and their business will change anytime soon.”

In an effort to educate the industry and provide best practices before, during, and after a robbery, Americans for Safe Access released a Robbery Preparedness Guide last month. The guide is adapted from materials in their Patient Focused Certification (PFC) Business Operations Training program.

Recent incident headlines include:

Natural Events

10 cannabis Industry Trends to Watch for in 2022

While this is an interesting read from MJBizDaily for anyone in the cannabis industry, the item we want to focus on today is  #8 on this list, “Climate change unpredictability will continue”. The author notes that “Cannabis growers must remain flexible and adaptable, as climate change means normal weather patterns can no longer be trusted.” While weather patterns will be harder to predict, scientists do expect tend to agree that severe weather events will increase in frequency. We have previously blogged about best practices in preparing for severe weather events, and we’ll link to those resources below.

Be sure to check back every Tuesday as we publish our Library Card Series where we highlight one of the resources available in our library!

Check out the latest blog highlighting issues important to cannabis security!