Tag Archives: phish

Biros' Blog

Tuesday, September 24th is National Voter Registration Day

By Aaron G. Biros
No Comments

In an interview with HeadCount back in 2012, Bob Weir, founding member of the Grateful Dead, discussed the importance of registering to vote. “Just register, study up and vote. It’s your future. Don’t let people take that from you,” says Weir. “Cause in years to come you’ll be wishing you had.”

Tuesday, September 24th is National Voter Registration Day and we want to remind our readers to register to vote. If you subscribe to our newsletter, read our articles, news stories, columns and features, then chances are that you support legal cannabis. If you are supportive of legal cannabis, then you should consider voting for candidates that support the same cause. Cannabis legalization is about more than just creating a legal marketplace; it’s about social justice, equality, civil rights and more. If you can heal the symptoms, but not affect the cause, it’s quite a bit like trying to heal a gunshot wound with gauze.

Bob Weir, founding member of the Grateful Dead
Image: jgullo, Flickr

The 2020 election is approaching faster than you think and choosing candidates that support legal cannabis is a quick and easy way to help. We really like what the Cannabis Voter Project (CVP) is up to. CVP is a nonprofit initiative started by HeadCount, an organization that promotes voter registration and participation in democracy through the power of music. This past summer, CVP went on tour with Dead & Co., engaging with concertgoers about registering to vote. Headcount has helped about 600,000 people register to vote so far. Bob Weir sits on their board of directors. Bands like Phish, Jay-Z, Dave Matthews, Pearl Jam have also helped get the word out about registering to vote as a part of HeadCount’s campaign.

You can register to vote or check your voter registration status by clicking hereYou can also text CANNA to 40649 to contact your lawmakers and ask where they stand on cannabis. Once in a while you get shown the light, in the strangest of places if you look at it right. At the CVP’s website, you can check out their database of congress, organized state-by-state, with each members’ stance on cannabis.

Their advisory board features cannabis companies like CannaCraft, Terrapin Care Station, Harvest, Sal Pace Consulting, 1906 and Vicente Sederberg. They went on tour with funk band Lettuce to educate the band’s fans about what’s going on with cannabis policy in their state and how they can use their vote to impact cannabis policy.

Cannabis is a bipartisan issue. The cannabis voting bloc is bigger than you think and we have the power to make change happen by making our voices heard. “HeadCount is not so much political, it’s nonpartisan,” says Weir. “What we’re trying to do is get kids to register, pay attention to what candidates are saying, pay attention to the politics of the moment, and react with their hearts and minds.”

The cannabis legalization movement has made serious progress recently, but we still have to just keep truckin’ on.

Top 5 Cybersecurity Threats To The Cannabis Industry

By Lalé Bonner
No Comments

Is your cannabis business an attractive target for cyber criminals? With the influx of investment to this market and new businesses opening frequently throughout the United States, the legal cannabis industry is a prime target for cyber criminals.

Never share personal information (login and passwords, social security numbers, payment card information, etc.) over email.Cannabis industry hackers pick their targets by vulnerability, exploiting consumer or patient data to darknet black markets and forums. The impact can be devastating to both the business and their consumers. With new laws on protecting consumer and patient data on the horizon, businesses that do not adequately protect that data, could face stiff fines, in addition to losing the trust of their customers.

So, how do these attacks present themselves? Recent studies implicate employees as the “weakest link” in the cybersecurity chain due to a lack of cybersecurity best practices and training. Implementing safeguards and providing employee training is imperative to the cybersecurity health of your business.

Now, let’s identify the top 5 cybersecurity threats to the cannabis industry and some valuable tips for protecting against these criminal hacks:

PhishingPhishing is a form of cyber-attack, typically disguised as an official email from a trustworthy entity, attempting to dupe the recipient into revealing confidential information or downloading malware. Don’t take the bait! 91 percent of cyber-attacks start as phishing scams, with most of these lures being cast through fraudulent emails.

  • Tips: Do not download attachments from unknown senders!
  • Never share personal information (login and passwords, social security numbers, payment card information, etc.) over email.

Password ManagementPassword complexity is key to protecting against cyber breaches. When it comes to data hacking, 81 percent of breaches are caused by stolen or weak passwords. With a password often being the only barrier between you and a data breach, creating a complex password will dramatically decrease those password-sniffers from obtaining your sensitive information.

  • Tips: Create passwords that are at least 12 characters in length – include letters, numbers and symbols (*$%^!), and never use a default password. This will fend off brute-force attacks.
  • Change passwords every six months to a year, keeping them complicated and protected. For IT Managers, make using a password manager mandatory for all employees. (Pro-tip: LastPass is free).Be cautious with network selection as hackers set up free Wi-Fi networks that appear to be associated with an institution.

Public Wi-FiBeing able to connect in public spaces, while a modern marvel of convenience, leaves us wide open to cyber-attacks. Whether you are in an airport or café, always err on the side of caution.

  • Tips: Be cautious with network selection as hackers set up free Wi-Fi networks that appear to be associated with an institution.
  • Browse in a “private” or “incognito” window to avoid saving information. If you have a VPN, use it. If not, then do not handle any sensitive data.

BYOD: Beware of Bad Apps: Using personal devices for work has become the norm. In fact, approximately 74 percent of businesses have bring-your-own-device (BYOD) policies or plans to adopt in the future.

With these platforms providing greater access to mobile apps, comes greater responsibility on the part of the end user.

  • Tips: Password protect devices that will be used for work (and, any device in general).
  • Only download applications from a trusted, authorized app store. Do not use untrusted play apps.
  • Mobile device protection is recommended for any device being used on a business network.

Whether it is an app from an unauthorized website or a lost/stolen device that was not password protected, cyber criminals do not need much to compromise critical data.Avoid logging into a SaaS application on a public computer or public Wi-Fi network.

SaaS Selectively: Keep Sensitive Data Safe: SaaS (Software As A Service) are cloud-based software solutions and chances are you are using one of these SaaS solutions for work purposes. IT is typically responsible for implementing security controls for SaaS applications, but ultimate responsibility falls on IT and the end user jointly. Here is what you can do to help keep these solutions safe:

  • Tips: Avoid logging into a SaaS application on a public computer or public Wi-Fi network.
  • Never share your SaaS login credentials with unauthorized persons over digital format or in person. Lastly, if you need to step away, always lock your screen during an active session.

While these tips will help keep your consumer/patient data from falling into the wrong hands, always have a plan B- backup plan! Your plan B must incorporate saving important data to a backup drive daily. Most likely, there is already a backup protocol in place for your mission-critical work data; however, for sanity’s sake, back up your BYOD devices as well.