In this blog series, our Executive Director Ben Taylor highlights a selection of cybersecurity, physical security, health or natural threat related stories from the past week.

Information Sharing Platform Launches

Cannabis ISAO Opens up Slack Workspace for Cannabis Industry and Security Professional Collaboration

ICYMI. Cannabis ISAO’s FREE Slack workspace is a dedicated space for cannabis industry professionals alongside vetted security professionals to share best practices and lessons learned to further enhance the resiliency of the cannabis industry from all threats, including physical security, cybersecurity, and natural threats. Membership in the Cannabis ISAO is not a requirement to participate in the Slack workspace, but membership does allow access to additional channels and documents of increased sensitivity.  Interested parties can apply here.

Cybersecurity

$2.35 Million Settlement in Dickey’s Barbecue Data Breach Class Action

Last week, a proposed data breach class action against Dickey’s Barbecue Restaurants Inc. was settled for $2.35 million in the U.S. District Court for the Northern District of Texas with approval of the settlement terms. Dickey’s is a Dallas-based restaurant chain that allegedly failed to implement appropriate security measures to protect consumer personal information from a breach, and allegedly violated the California Consumer Privacy Act (CCPA) as well, according to plaintiffs’ complaints.

Tech Giants Pledge Billions to Biden’s “Whole of Nation” Security Plan

President Biden met with private sector and education leaders to discuss the whole-of-nation effort needed to address cybersecurity threats. Recent high-profile cybersecurity incidents demonstrate that both U.S. public and private sector entities increasingly face sophisticated malicious cyber activity. Cybersecurity threats and incidents affect businesses of all sizes, small towns, and cities in every corner of the country, and the pocketbooks of middle-class families. Compounding the challenge, nearly half a million public and private cybersecurity jobs remain unfilled. Upcoming commitments and initiatives include:

  • National Institute of Standards and Technology (NIST) will collaborate with industry and other partners to develop a new framework to improve the security and integrity of the technology supply chain.
  • The formal expansion of the Industrial Control Systems Cybersecurity Initiative to a second major sector: natural gas pipelines.
  • Apple announced it will establish a new program to drive continuous security improvements throughout the technology supply chain. 
  • Google announced it will invest $10 billion over the next five years to expand zero-trust programs, help secure the software supply chain, and enhance open-source security.
  • IBM announced it will train 150,000 people in cybersecurity skills over the next three years, and will partner with more than 20 Historically Black Colleges & Universities to establish Cybersecurity Leadership Centers to grow a more diverse cyber workforce.
  • Microsoft announced it will invest $20 billion over the next 5 years to accelerate efforts to integrate cyber security by design and deliver advanced security solutions.
  • Amazon announced it will make available to the public at no charge the security awareness training it offers its employees

Physical Security

Armed Robbery at Marijuana Dispensary in Newaygo Co.

Authorities arrested one suspect and are searching for another in connection to an armed robbery at a marijuana dispensary in Newaygo County Monday night. The Newaygo County Sheriff’s Office said authorities were called around 8:30 p.m. Monday for a report of an armed robbery at a marijuana dispensary south of Hesperia. The sheriff’s office did not release the name of the business. Two employees were robbed at gunpoint then tied up with zip-ties. The two suspects drove away in a red Dodge Charger before authorities arrived, according to NCSO. A vehicle matching the description was pulled over by Three Rivers police in St. Joseph County. One of the suspects was immediately arrested while the other ran away. Authorities continue to search for the second suspect. No description of the suspect was released but the sheriff’s office said both suspects were from northern Indiana.

Security Trends and Emerging Technologies in the Cannabis Industry

As the cannabis industry is adapting to changing laws and a more accepting society, the security industry is also advancing to meet these new needs. Each year, new security technologies emerge that can be applied or modified for the cannabis industry. This year, the cannabis industry is trending toward remote security technologies that could potentially improve business operations and efficiency. Although these remote technologies had already been in development, their use in security solutions has been increasing in popularity since the start of the COVID-19 pandemic. The article breaks down the latest in video surveillance systems, access control systems, alarm systems, smart safe and secure storage. An important note from the authors to emphasize- “Like any security system that operates using the cloud, these access control systems also have more cybersecurity risks than a system that is managed on-site. Though there are cybersecurity tactics that can be used to protect the system, cloud-based security equipment is more vulnerable to hacking. If these systems are used, cannabis business owners should contract with an experienced IT professional to ensure their system is secure from cybersecurity threats.” 

“Justice for J6 Rally” Updates

As reported by local Washington D.C. CBS station WUSA 9 last Friday, “In a flash notice sent to all officers and members of the department Thursday, Metropolitan Police activated the entire force and postponed vacation days, in anticipation of a Sept. 18 protest organized by supporters of Jan. 6 defendants. The rally, known as ‘Justice for J6,’ is planned for the Union Square area of the Capitol grounds, the section of the west front encompassing the Ulysses S. Grant Memorial and Capitol reflecting pool… A spokesperson for the U.S. Capitol Police said the department is aware of the proposed rally, but could not provide details of submitted permits or security changes. As of Thursday, the National Park Service also said it has not received notice from the group, Look Ahead America, on whether National Mall grounds would be included for the proposed protest…” Not directly related but of possible interest with mass gatherings such as this, a new report “Armed Assembly: Guns, Demonstrations, and Political Violence in America,” speaks to increasing armed protests and the escalating potential for violence (read more from USA Today).  Cannabis ISAO has received reports that some of the activity leading up to the September 18 event mirrors that of the planning activities prior to the events of January 06. Dispensaries and other organizations with public facing space within the U.S. Capital Region should be mindful of the threat from protest related violence leading up to this date and should report suspicious activity to the Department of Homeland Security, or their local law enforcement.

Natural Threats

West Coast Cannabis Growers Operating Under Ongoing Threat of Wildfire, Smoke

MJBizDaily details this year’s wildfire season which started in July and blanketed much of the West in smoke, while some experts are warning that fire season could last until December.  “It’s par for the course that you’re going to be dealing with wildfires during the season,” said Karla Avila, executive director of the Trinity County Agriculture Alliance, a marijuana trade association in Northern California’s Emerald Triangle. “Doesn’t make it less stressful, but it’s something we have to be prepared for and work on all year long, maintaining our perimeters and keeping our farms defensible,” she added.

Possible major hurricane could hit the US Coast

Tropical Depression Nine has formed in the Caribbean Sea and confidence is growing that a potentially major hurricane could hit the US by late this weekend or early next week. Exactly where and when is still to be determined, with confidence in these details expected to increase once the center of the system is located, hopefully later Thursday. “(Computer forecast) models overall have increased in agreement with the track, focusing on the northern Texas coast and the coast of Louisiana,” the National Weather Service in Lake Charles, Louisiana, said Thursday.

Be sure to check back every Tuesday as we publish our Library Card Series where we highlight one of the resources available in our library!

Check out the latest blog highlighting issues important to cannabis security!