In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories relevant to the cannabis industry.
The Cybersecurity and Infrastructure Security Agency (CISA) announced on Friday that it plans to convene a Joint Ransomware Task Force, while the Department of Justice announced it is launching two international initiatives aimed at tracking illegal cryptocurrency transfers and disrupting “top tier” cyber actors.
The announcements were made by top government officials at an Institute for Security and Technology event held to mark the one-year anniversary of the Ransomware Task Force — a public-private initiative that brought together dozens of experts from law enforcement agencies, cybersecurity firms, and civil society organizations. The event featured keynotes and commentaries from National Cyber Director Chris Inglis, the current and former directors of CISA, and Deputy Attorney General Lisa Monaco, highlighting how ransomware has become a top priority across the government.
CISA director Jen Easterly said the Joint Ransomware Task Force, which was called for in the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), would be led by Eric Goldstein, CISA’s executive assistant director for cybersecurity, and Bryan Vorndran, assistant director of the FBI’s Cyber Division. CIRCIA became law in March as part of the omnibus spending bill.
“Given what’s in that legislation and what the Task Force is envisioned to do — there’s a lot of disruption of ransomware actors [including] infrastructure, finances — I thought it was really important that the FBI co-chairs,” Easterly said, adding that the group will hold its first official meeting sometime in the next few months. “It’s very likely that industry is going to see a cyberattack on the homeland before we see it. … We have to be in the same room, we have to trust each other.”
CISA has added 74 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
New York Attorney General Letitia James and New York City Mayor Eric Adams announced yesterday the takedown of a massive retail theft operation in New York City that stole and resold millions of dollars in goods. 41 people were charged for their roles in the crime ring that stole luxury clothing and goods and thousands of items from drug stores that were then resold on eBay. During the three-year joint investigation conducted by the Office of the Attorney General’s (OAG) Organized Crime Task Force (OCTF) and the NYPD’s Grand Larceny Division, law enforcement seized more than $3.8 million worth of stolen retail items from the enterprise’s alleged boss, Roni Rubinov, more than 550 stolen gift and cash cards, and more than $300,000 in cash. The defendants are being charged with various counts of enterprise corruption, money laundering, criminal possession of stolen property, scheme to defraud and conspiracy.
“Organized retail crime goes well beyond the obvious financial loss for retailers,” said Melissa O’Connor, president and CEO, Retail Council of New York State. “This activity has become a serious community safety issue and, unfortunately, it has gotten more prevalent over time. I want to thank Attorney General Letitia James for holding these crime syndicates accountable to the full extent of the law. This sends a bold message to those who continue to engage in unlawful and dangerous acts in local stores throughout the state. Our top priority is the safety of our employees and customers. We will continue to work with the Office of the Attorney General, lawmakers, prosecutors, and law enforcement agencies to further our shared goal of safer communities.”
In the LP Magazine January 2022 ORC BLITZ virtual event, three executives from the Retail Industry Leaders Association (RILA) explained how their organization is working with their retail members to push for federal and state legislation that would increase penalties for organized retail crime (ORC) as well as force online marketplaces to be more transparent with who is selling goods on their platforms.
The dynamic increase in legal cannabis businesses represents a new growth market for commercial security providers, along with responsibilities for integrators to apply their professional expertise in risk assessment, project management, and innovative technologies to implement code-compliant systems that best protect these emerging, high-risk enterprises. Federal legalization aside, all cannabis business stakeholders, whether they are dispensary owners, cultivators, or manufacturers, currently need professional, comprehensive security expertise for their security, fire, and life safety programs, while also meeting stringent state and city licensing requirements.
Securing a cannabis operation that encompasses several states — and state laws — with both growing and retail facilities is no easy feat; so Johnson turned to a security integrator partner, John Rodhouse of Spartan Security, for help. Spartan has its own interesting start-up story: Rodhouse and a few of his aerospace engineering friends from college started the security company on a shoestring about three and half years ago at the urging of a professor. “Our professor’s philosophy was, ‘You will be broke when you start a business so why not start one now when you are broke already?’ Rodhouse recalls. The strategy was successful. “We have worked in 25 states and have a network of contractors that work with us,” he says. About a year ago, the company transitioned from doing tech rollouts to also specializing in cannabis security, he adds.
Russia’s invasion of Ukraine as well as ongoing supply-chain issues are causing a global fertilizer shortfall, leading cannabis growers to brace for higher prices. “With disruptions taking place, this will inevitably lead to inflation on not only fertilizers but harvested food crops and potentially cannabis,” said Huston Hoelscher, manager of the environmental sciences group and senior pest control advisor at Urban-Gro, a marijuana cultivation facility design and engineering firm based in Lafayette, Colorado.
The cannabis industry has been struggling with supply-chain problems since the COVID-19 pandemic upended shipping and logistics in 2020. Couple that with the Russia-Ukraine conflict its likely that some U.S. cannabis growers will be unable to buy all the nutrients they need because of the current supply shortfall.
103 people were killed and 140 were wounded in 61 active shooter incidents across 30 states last year, according to new data released by the FBI. This data represents an increase of more than 50 percent from 2020 and nearly 97 percent from 2017. The report also observed an emerging trend of roving active shooters, meaning shooters who open fire in multiple locations either in a day or in various locations over several days. Active shooter incidents spanned 30 states last year, killing 103 people and wounding 140 others. The casualties listed in the report do not include the shooters, the report said. The year before, active shooter incidents across 19 states killed 38 people and wounded 126.
The FBI said in a news release that the reports “are not intended to explore all facets of active shooter incidents” but rather are meant to provide law enforcement officers, other first responders and the public with a “baseline understanding” of such incidents. However, the report found that there were relationships between shooters and their targets or targeted locations. Six shooters were employees, four were former employees, two were current students, two had past personal or professional relationships, and one was a business owner.
Of particular note for the Commercial Facilities sector, 32 incidents were classified as occurring at locations of commerce (which includes businesses open to pedestrian traffic, businesses closed to pedestrian traffic, and malls), while another 19 happened in open spaces.
The U.S. has seen several tragic and high-profile shootings recently. They have pushed both issues of gun control and race relations further into the national spotlight, and continued driving a wedge deeper into the country. The potential for civil unrest in response to these and other incidents is real, and can have impacts on businesses from both a disruption standpoint, as well as vandalism and violence. In addition the active shooter resources below, we are also linking to resources related to preparing for protest activity.
- FBI Active Shooter Resource Page
- CISA Active Shooter Preparedness
- CISA Security of Soft Targets and Crowded Places- Resource Guide
- Ready.gov Attacks in Crowded and Public Spaces
- CISA Protecting Infrastructure During Public Demonstrations
- BOMA Civil Unrest and Protests: How to Prepare Your Commercial Property
Check out the latest blog highlighting issues important to cannabis security!Tweet