NEWS FROM AROUND THE GLOBE BROUGHT TO YOU BY THE ICBC

Tag: ontario

cn tower toronto ontario canada

Ontario’s Cannabis Industry Model Needs A Revamp

Written by Johnny Green on . Posted in Archives, Business, Policy.

On August 5th a third-party distribution center in Ontario, Canada named Domain Logistics was subjected to a cyber attack that essentially crippled the company’s ability to deliver cannabis products to licensed retailers. Domain Logistics contracts with the provincial government in Ontario where all licensed outlets are required to purchase their cannabis from the government (Ontario Cannabis Store).

Had the cyber attack occurred in most other legal cannabis markets, it would have largely been an isolated incident and the fallout from the attack would have only affected a small percentage of cannabis businesses. However, being that every retailer must go through the Ontario Cannabis Store, and by extension, its vendors, the fallout from the cyber attack on August 5th spread across the province.

A Broken Monopoly Model

It is estimated that Ontario is home to roughly 1,333 licensed retailers. Some of the licensed outlets are part of large store chains while others are small, family-owned operations consisting of only one store. Of course, there are also cannabis companies that fall somewhere in between.

Regardless of their size, as previously mentioned in this article, every single licensed retail outlet has to go through the Ontario Cannabis Store since it has a monopoly on supplying inventory. Monopoly models rarely work, especially when the entity having the monopoly is the government and the product is cannabis which has to compete with an unregulated market.

In a monopoly cannabis model, it only takes one hiccup anywhere in the supply chain to largely bring the regulated cannabis industry in that market to a grinding halt. That is on full display in Ontario where licensed retailers received no cannabis product deliveries for roughly a week. Even with deliveries finally resuming, many retailers are still experiencing bare shelves.

The Need For Further Reform

The main lesson from this latest cyber attack in Ontario is that there need to be further reforms to help ensure that the regulated industry can effectively compete with the unregulated industry. The current model will always be vulnerable to all types of issues, not just cyber attacks, and it only takes one major issue to cause enormous damage to the regulated industry.

How many consumers and patients sought out unregulated sources for cannabis due to the halt in deliveries in Ontario? We may never know the actual number, however, it’s a safe bet that it was a considerable percentage of people that would have otherwise made their purchases from regulated sources, and that is unacceptable.

Regulated outlets have a hard enough time competing with the unregulated market being that the unregulated market requires considerably less overhead to operate. After licensing fees, facility rental fees, security costs, and everything else that goes into running a legal cannabis business regulated outlets are already at a distinct disadvantage compared to unregulated sources. Ontario keeping its current model, and the hiccups and issues that come with it, all but ensure that the unregulated market in Ontario will continue to thrive, and that’s unfortunate considering that things don’t have to be that way.

Canada, ontario

canada flag

Taxes And Provincial Mark-Ups Are Hindering Ontario’s Cannabis Industry

Written by Johnny Green on . Posted in Archives, Business, Policy.

The main motivation behind legalizing cannabis for adult and/or medical use should always be based on it simply being the right thing to do. No one should ever be penalized for using/possessing a plant that is 114 times safer than alcohol.

With that being said, the reality of the situation is that creating a regulated industry for the purpose of generating public revenue is a driving force behind support for legalization around the globe for better or worse.

Taking the profit away from criminal enterprises and essentially re-routing it to a regulated system in which some profits benefit society is a winning political message, and if actually achieved, a great thing. However, it’s predicated on people actually making purchases from regulated sources rather than unregulated ones, and the transition is far from automatic.

Surveys and polls have consistently found that cost is a major factor for consumers and patients, which is not exactly shocking because that is basically true of any product. But unlike most products, there are a lot of unregulated options when it comes to cannabis, and in most cases, unregulated cannabis is significantly cheaper than regulated cannabis.

Various reports have been published regarding the average price for regulated and unregulated cannabis in Ontario and other parts of Canada, and while the price for regulated cannabis seems to be pretty consistent being that it can be easily tracked, the price for unregulated cannabis often seems to be inflated in my opinion.

I spend an ungodly amount of time online talking to consumers all over the world, and I have yet to find someone in Ontario that pays the prices for unregulated cannabis that are being reported for what that is worth.

It’s a safe assumption that for every extra dollar that gets added to the price of regulated cannabis a certain chunk of the consumer base then gets lost to the unregulated market. With that in mind, the fact that roughly half of the price of regulated cannabis products in Ontario is due to taxes and provincial mark-ups is obviously a problem and will always hinder the legal industry.

This is not to say that there should be no government profit at all. Regulatory oversight is not free, so there needs to be enough money to safely administer sensible industry regulations, and to some extent, put cannabis industry revenues to work helping society in various ways.

However, there needs to be a balance struck to help ensure that regulated cannabis is truly competitive with unregulated cannabis. Regulated cannabis will never be as cheap to produce as unregulated cannabis, but it needs to be close enough that consumers feel comfortable paying a little extra for a product that they know is tested and safe.

Canada, ontario

data information security

Ontario Cannabis Store Data Breach Demonstrates Growing Threat

Written by Johnny Green on . Posted in Archives, Business.

I have worked in the cannabis industry to some degree for many years now. If you count the unregulated industry here in Oregon, I am the third generation of my family to be involved with cannabis.

If there is one thing that I know about the emerging cannabis industry it’s that cannabis and chaos seem to go hand-in-hand. Laws. Rules. Regulations. Juggling all of it while all of the parts are moving and shifting, all the while trying to be innovative and effective at running a business. There is a lot that cannabis entrepreneurs and their employees have to stay on top of and it can be like trying to drink water from a fire hydrant.

One area of the emerging cannabis industry that seems to often get lost in all of the chaos is information security, which is unfortunate. When people think of information security, they often think of computers and networks, and rightfully so. Computer networks often house a significant amount of sensitive information.

However, there is far more to information security than computers and networks. Companies and employees in the cannabis industry often house more sensitive information than people realize in both digital and physical forms, including personally identifiable information and proprietary information. All of that information is a target for someone.

Whereas network security can be easily outsourced to a reputable third party, the biggest threat to a cannabis company’s information security strategy has to be addressed on an ongoing basis in-house because that threat is the company’s own staff, either due to nefarious intent or negligence.

A cannabis company can have the most robust technical safeguards in place, with a small army of network security experts doing everything they can to keep something secure, and it only takes one person with privileged access to give up some or even all of the company’s sensitive information via less-than-sophisticated methods.

The latest example of the growing information security issue facing the emerging cannabis industry can be found in Canada where a suspected data breach is making headlines. Per Infotel:

The Ontario Cannabis Store says a data breach involving some of its sales information is being investigated by the Ontario Provincial Police.

Daffyd Roderick, a spokesperson for the Crown agency responsible for distributing cannabis from producers to pot shops in the province, confirmed what he called a misappropriation of data Tuesday evening.

“There was no failure of IT security or systems,” he added.

An OCS letter obtained by The Canadian Press and sent to retailers on May 10 said that “confidential store sales data” was being “circulated in the industry.”

“This data was not disclosed by the OCS, nor have we provided any permission or consent to distribute or use this data outside of our organization,” reads the letter signed by Janet Ihm, the OCS vice-president of wholesale partnerships and customer care.

“The data was misappropriated, disclosed, and distributed unlawfully. As a result, we trust you will refrain from sharing or using this stolen data in any way.”

As noted by authorities in the excerpt, the data breach did not come as a result of a failure of ‘IT security or systems,’ meaning, it wasn’t a direct hack into the system. Many details are still unknown, however, I would personally bet a decent chunk of change that the breach was due to non-sophisticated methods.

One of the most common ways that data breaches occur is through human error. Sometimes someone from the data source sends an email to an auto-populated wrong email address in error. Sometimes they click the wrong attachment when sending an email and the data is acquired that way, or they click ‘reply all’ when they shouldn’t have. Although, that doesn’t seem to be the case in Ontario where the ‘data was not disclosed by the OCS.’ I take that to include no direct disclosures even due to human error.

Perhaps the data was gained through some type of physical theft. When I read the word ‘misappropriated’ that is where my mind went based on the currently available information. All it would take is someone copying one or more files to a digital storage medium (disc, thumb drive, phone, etc.) containing the data in question, and simply walking off with it. Everyone has a phone in their pocket these days, and taking a picture of sensitive information is very easy to do.

Regardless of how the data was obtained in this latest case, the case itself serves as a reminder that the cannabis industry is a popular target. The industry has so much money flowing through it, it’s so competitive, and many in the industry seem to be unaware of the amount of sensitive information that they have at their fingertips. The problem will only continue to get worse.

Everyone in the cannabis industry needs to be mindful of information security threats, trends, and tactics. Companies need to train their staff, continue to educate members of their organization and create effective information security policies. One silver lining in all of this is that it creates many opportunities for ancillary companies that can help cannabis companies and organizations with their information security strategies.

Canada, information security, ontario

International Cannabis Chronicle
International Cannabis Business Conference

NEWS FROM AROUND THE GLOBE

BROUGHT TO YOU BY THE ICBC

Read more
© International Cannabis Chronicle. All rights reserved. Site developed and hosted by Rogue Web Works.