Running a cannabis business today means you have a lot of different tasks on your plate. Production, customer service, sales – each becomes a priority at various times of the day.
What about cybersecurity?
Security experts will tell you it’s not a matter of IF you will experience a cyberattack, but when. Especially for a cannabis business. There are several reasons for that.
1. It’s an emerging industry. Because there are so many rules, regulations, and barriers to starting and growing a cannabis business, many new owners spend time on business tasks and ignore rising cybersecurity tasks.
2. They may have sensitive data. Dispensaries obtain and store large quantities of sensitive data if they are in the medical marijuana business. With critical personal information like names, photo IDs, birth dates, medical ID information, and signatures, it can be a treasure trove for would-be criminals.
3. It’s a user-driven industry. With the stigma regarding cannabis use still in existence, it attracts a wide variety of employees and customers. That means you’re more vulnerable to criminal acts like ransomware, and employees who get into the industry for the wrong reasons.
Cybercriminals, as a whole, look for easy ways in. Forty-six percent of all cyber breaches impact businesses with fewer than 1,000 employees.
What can you do? We believe a strong cyber defense program has pillars to keep you safe:
Assess the risk. You don’t know where to go if you don’t know where you currently stand. A comprehensive approach starts by finding your vulnerabilities and assessing your risks.
Secure. With your vulnerabilities in sight, it’s time to add security measures. If you have employees traveling or working remotely, ensure your data remains safe no matter where it’s accessed.
Train. Training is an ongoing process. Employees need to know the importance of cybersecurity and their part in the overall process. Conduct refresher courses periodically, especially as employees come and go. Test them once in a while through simulated attacks to see how well they do in the process.
Develop a backup strategy. A solid backup plan ensures that you’re less susceptible to ransomware attacks and that you can restore operations in the event of a problem. If possible, backup every day, and use cloud solutions to ensure safety.
Build a response plan. What will you do if you’re attacked? By having a system in place for response, you’ll have steps to follow as you recover and begin getting your technology back into place.
Ultimately, you can’t eliminate risk altogether, but you can prepare yourself as much as possible for when it happens. If you recognize it early, you can catch it early. And that means recovery can be that much easier.
For IT Strategy, Security and Compliance, or Help Desk Services, reach out to us at Cannabis Technology Partners 360-450-4759.
