While you frequently hear about cyber-attacks on big companies, in fact most cyber-attacks target small companies. While the cannabis industry is growing fast, the typical cannabis business is a newly created small business and a prime target of cyber criminals.
Cybersecurity issues facing the cannabis issues include:
1) Data Privacy: Protecting sensitive customer and patient data
2) Cyber Attacks: Ransomware, phishing, and network penetration
3) Compliance: as a heavily regulated industry, companies must comply with many state and federal regulations. Medical dispensaries must also comply with HIPAA
4) Employee training: many cybersecurity breaches occur through human error such as clicking on links and social engineering
5) Business partner security: even if your business is secure, you must make sure any partners you share information with are equally protected
Each of these issues will be discussed in more detail in future posts.
The very first step to minimize the cyber-threat to your cannabis company is the same as for every other industry: create and execute a cyber security program. This program will address all the above issues, identify specific risks posed to your business, assess the impact on your business and create a plan to address discovered risks prioritizing ones that pose the largest threat.
Many businesses struggle creating and executing a cybersecurity program. We can help you develop your cybersecurity program, provide policies and procedures to help you comply, and provide a platform to demonstrate compliance to regulators, partners, and investors.
If you have any questions or comments, please leave them below or contact me directly.
CMIT Solutions of Brooklyn North