*Subject to Change

Wednesday, October 14

Session Description

Keynote: The Path Forward to Normalization of Cannabis Growth and Sales in the United States


Session 1: From Seed to Security 101

  • Standards & Solutions
  • Compliance Driving Successful Business Operations

Speaker: Steve Surfaro, Chairman, Security Industry Association Public Safety Working Group and the ASIS Security Applied Science Council

Every Cultivation Center, Dispensary, Logistics Operation unites a symphony of solutions meeting PCI-DSS, ABA, HIPAA Standards and each State's own requirements.  Learn how to meet minimum needs compliance and make these work for you in your business operations and enhance the customer experience. 

Veteran security industry consultant, technologist and visionary Steve Surfaro will provide the foundational look at how market conditions, evolving legislation, business drivers, and converged cyber and physical technology advancements are shaping the security and risk operations side of the cannabis industry. This class serves as the minimum learning requirements for specifying a SecuraCann system.

Session 2: Success & Failures - Case Studies

  • How Solutions Work
  • Profitability
  • Technology Capitalization

Speaker: Steve Surfaro, Chairman, Security Industry Association Public Safety Working Group and the ASIS Security Applied Science Council

There is never a "perfect project," and always an opportunity to value engineer a grower, environmental, network and security infrastructure to work for you and your customer.  Three case studies will be revealed by their own project managers, how solutions worked together and ultimately improved profitability and decreased technology capitalization.  Each solution is presented as a Good-Better-Best tier so attendees will always understand where "the upgrade" is most meaningful.
Speaker Steve Sufaro parlays his introduction to this session that follows the strategic roadmap taken.

Live Panel Discussion: Trends, Regulations & Legislation Driving Industry Risk

Excuse the pun, but the cannabis business is growing. Possessing the knowledge and expertise to take a proactive approach to securing that business and mitigating operational risk will spell the difference between success and survival for your organization. The challenges will mount as legalization expands along with regulations. Inventory will increase as will cash holdings. The number of clients accessing legal cannabis for the first time will expand the customer base. So, how much security will dispensaries and grow facilities need to meet this expansion?

And with the 2020 elections less than a month away, cannabis laws and regulations will be a hot button across the nation in federal, state and local races. But before the 2020 elections kick-off, it’s important to review federal cannabis laws that are being considered, including 5 that are in consideration: the Marijuana Freedom and Opportunity Act; SAFE Banking Act; STATES Act; Marijuana Opportunity Reinvestment and Expungement (MORE) Act; and Marijuana Justice Act.

Session 3: Comprehensive Cannabis Operations Security

  • Writing a Successful Security Plan
  • Assessing the Facility Security from the Exterior to the Inner Facility
  • Community and Local Law Impact

Speaker: Bill Cousins, CEO, WJ Cousins and Associates LLC

The presentation from Bill Cousins, CPP, an independent security consultant with over 30 years of progressive experience in federal law enforcement and private Industry and a leading authority in “seed to sale” security, will outline how to go about writing a successful security plan for a cannabis facility. Topics covered will include assessing the general environment of the facility, community impact, local law enforcement, securing the outer, middle, inner perimeter of the facility.

Advice will be provided on how to select a security consultant and what the role of the consultant is. Other topics covered will include how to choose a security integrator and technology such as video surveillance equipment, alarms, access control, Anti-diversion plans, policy and procedures and security protocols for both general operations and emergency procedures.  

Live Panel Discussion: How Social, Civil and COVID-19 Events Have Re-Shaped Security and Risk Strategies for Dispensaries

Like most retail operations, the coronavirus pandemic has forced a “new normal” in how cannabis dispensaries and other retail establishments handled business. This shift in operations has extended from the storefront to the supply chain, but in every instance security technology and planning has helped in patching the exposed vulnerabilities. Cannabis retailers also felt the sting of civil unrest following the summer protests in reaction to the police killing of George Floyd in Minneapolis, as stores across the country were damaged during sporadic looting. These events have all created the perfect storm for the cannabis industry.

Our panel of experts will discuss what the impact of both the pandemic and specter of social unrest has been in the cannabis retail industry in 2020 and what the future holds as owners recalibrate their risk metrics. This panel will be moderated by Alla Valente, who is an analyst at Forrester serving security and risk professionals. She covers governance, risk, and compliance (GRC) strategy, best practices, and technology, with a special focus on third-party risk management, procurement and supplier risk management, and enterprise and cybersecurity risk management frameworks.

Thursday, October 15


Session 4: Physical Security Design & Project Management

  • Designing a Security Floor Plan
  • Determining Threats
  • Choosing & Installing the RIGHT Security

Speaker: Tony Gallo, Managing Partner for the Sapphire Risk Advisory Group

Installing security equipment without knowledge of the latest technology or market prices increases your risks of being unsecure and overcharged. Having a specialist work on your behalf, similar to a general contractor, will not only save your operation money but also ensure that equipment is installed correctly and in compliance with insurance. Security and risk operations side of the cannabis industry. 
A well-designed security floor plan looks at every angle for which a business must protect itself, identifying both internal and external threats. It not only considers the necessary equipment but also the importance of equipment placement for adequate coverage. A quality security floorplan design goes beyond meeting state and city requirements. A sound approach is having a consultant work with the end-user to partner with proven security vendors to install the right product, at the right price, in the right place.

Tony Gallo, who is the managing partner for Sapphire Risk Advisory Group, which specializes in security and loss prevention for high-risk businesses, will guide the user and integrators through the process. He has more than 30 years’ experience in the Security, Audit, Safety, and Emergency Management fields. Tony is a licensed security consultant and a published author on retail, financial loan services, and cannabis security. He is also a member of the American Society for Industrial Security, National Pawnbroker Association and the National Cannabis Industry Association.

Session 5: Strategic Security Technology Implementation for Cannabis Operations

  • Required Technologies from Cameras to Alarm Systems to Electronic Access Control
  • Security Operations Policies

Speaker: Tim Sutton, Senior Security Consultant, Guidepost Solutions

Regulations for the cannabis industry vary from state to state and country to country.  One this that remains constant is the requirement to utilize security technology. The technology required is generally video surveillance and intrusion alarm systems.  Engineered electronic access control systems are not always required but are a best practice for sure.  Simply following the rules and regulations for your area of operation may be enough to remain approved for operation but is it enough?  Unless the technology is paired with strong security operations policies and standard operating procedures (SOPs) what is the point?

The purpose for the technology should not be simply to meet requirements for compliance and the ability to hand over to regulators and law enforcement the information stored by these technology systems for them to investigate any events of loss or diversion.  The equipment should be used proactively by the cannabis organization to thwart theft and diversion attempts and work to mitigate against any losses.  Too many times after an event, there are signs and indications of a brewing threat that are not noticed in real time and are only noticed after an event occurs.  These are called “red flags.” We all have heard about terrible events that have occurred that might have been predictable or even prevented had the warning signs or “red flags” been noticed and acted upon. Learning how security technology can aid organizations in early detection and mitigation of all sorts of negative events and then training your security department to use the technology this way will maximize your investment in the technology.

In this session, Tim Sutton CPP, CHPA, a Senior Security Consultant with Guidepost Solutions and a a highly, sought-after security subject matter expert within the cannabis security industry, will discuss not only specialized technology that can be used but also some ways how to utilize the ordinary security technology already in place in most cannabis organizations to strengthen the security department’s ability to recognize potential threats before they materialize and become major events costing loss of licensing, reputation, production time, products, or even life.

Live Panel Discussion: How to Access Your Cannabis Operations Cybersecurity Vulnerability and Risk

The legal marijuana industry is expected to grow exponentially over the next few years. This is spurred not only by the legalization of recreational marijuana in many states in the US as well as in countries like Canada, but also the growing adoption of cannabis as a pharmaceutical product.

According to the State of the Legal Cannabis Markets report from BDS Analytics and Arcview Market Research, legal pot sales will hit $40.6 billion in 2024. This represents a 24.5 percent growth over the period 2018 to 2024. The burgeoning cannabis retail industry is, therefore, a prime target for cybercriminals who look to steal valuable and sensitive information ranging from credit card information, trade secrets, and personally identifiable information (PII). Aside from the consumer information they store and manage, online cannabis retailers are being targeted because many of them have yet to incorporate cybersecurity practices.  Small to medium-sized online marijuana retailers are also highly vulnerable to cyberattacks because they normally don’t have the resources to hire an IT staff who can implement security measures to mitigate cybersecurity risks. 

Moderator Ryan Schonfeld, Founder & President of RAS Consulting & Investigations brings a rich body of work that has demonstrated expertise in private investigation, police service, teaching and instruction, work with the U.S. State Department as well as leadership in Corporate America will lead the discussion on how cannabis retailers and growers can protect themselves from the growing threat of cybercrime and just what are the top threats to operations.

Session 6: The Three Pillars of Cyber Security for Cannabis

  • People, Policies and Technology
  • Reduce Vulnerabilities
  • Customer Peach of Mind

Speaker: Matthew Dunn, Associate Managing Director for Cyber Risk at Kroll

What steps should a retailer in the cannabis industry take to build a strong cyber security strategy that gives customers peace of mind that their sensitive and personal data is being protected? By developing a strategy based on the three pillars of cyber security — People, Policies and Technology — cannabis businesses will be in a much better position to reduce their vulnerabilities and mitigate the various threats targeting their networks.  

Matthew Dunn, who is an associate managing director in Kroll’s Cyber Risk practice, will discuss how a strong cyber security strategy is built on a foundation of knowing the specific threats your industry faces and what critical business data is being maintained on your network. Matt joined Kroll after a distinguished 20-year career with the FBI, where in his final three years he served as the Supervisory Special Agent overseeing the FBI Cyber Crimes/Counterintelligence Squad in Nashville, so he has years of experience on the how and why a risk assessment conducted by independent cyber security experts can identify how a cannabis business can mitigate risk and the logical steps needed in that pursuit.

Live Panel Discussion: Charting the Future Courses for Security Technology Implementations, the IOS and Automation for Growers and Sellers

A strategic security plan is the foundation for any successful cannabis security program. It sets the groundwork for all measures and policies to secure an organization’s assets. It involves documenting the objectives of the security initiative, assigning responsibility, identifying common security risks, highlighting key systems, and enforcing security policies. Simply put, it’s the first step to mitigating business risks. But what new technologies are on the horizon that will define the cannabis security roadmap?
Our panel will discuss what advanced technologies figure to shape security in this sector over the next several years and how convergence of cybersecurity and physical security will dictate strategies.

Additional Sessions Coming Soon. Interested in Speaking? 

Please contact Nancy Brokamp at for more information.