By Corey Tobin
In today’s mostly digital world, there are many attributes that make cannabis companies tempting targets for cyber criminals.
When you run a cannabis business – be it retail, cultivation, manufacturing, or distribution – whether you are experiencing a cyberattack is not a question of if, but of when.
What is behind these violations? What’s at stake? And what should your company consider when developing its digital infrastructure?
Here are the top four reasons cannabis companies are often hit by cyberattacks.
- It’s an emerging industry
A recent report from Experian shows that emerging industries continue to be prime targets for cyber criminals. The reason? Often times, these types of operations focus more on the pros and cons of starting and growing their new business than on the potential exposure to cyberattacks that make them vulnerable.
- Pharmacies collect confidential information
In order to comply with state laws, cannabis dispensaries are required to access and store large amounts of personal information in their point of sale systems. In 2020, tens of thousands of consumer data were stolen from several U.S. marijuana dispensaries. Examples of data leaked included full names, photo IDs, phone numbers, home addresses, dates of birth, medical ID numbers, signatures, and items purchased.
- The lingering stigma surrounding cannabis use
Some customers may not want the public to know that they are using cannabis – even though it is legal in their state to do so. These can be high profile clients who want to stay private and clients who don’t want their employers to know they bought cannabis products. Whatever the reason, this has led to cyber extortion and ransomware attacks on pharmacies as hackers attempt to purposefully extort and extort personal information from customers who have purchased cannabis products.
- It’s an end-user driven industry
From budget tenders to cashiers to shipping and receptionists, pharmacies are primarily end-user-based operations. When it comes to cybersecurity, your employees should be your first line of defense against a cyber attack. It is important to properly train employees in best practices for protecting against cybersecurity risks, such as: B. to identify nefarious e-mails and to protect customer data – to name just a few.
Ultimately, you cannot completely rule out the risk of a cyber attack. However, you can make sure all the parts are there to be in the best shape in the event that you should experience such an event. And it starts with building effective policy language and coverage.
As a specialist in the cannabis industry, I can help you stay informed about important covers to keep your business safe.
If you have any questions about your reporting, please contact [email protected] or 626-703-1556.
Follow Corey further Instagram and LinkedIn for more.