STIIIZY: 420,000 customer records leaked. MariMed: $650,000 wired to attackers. Trulieve's customer data is on a dark web leak site right now. CannaShield is the vCISO and GRC partner cannabis operators call when their MSP isn't enough.
CANNABIS CYBERSECURITY FOCUS
CannaShield is a Connecticut-based cybersecurity and GRC partner for cannabis operators. We help translate cyber risk into license protection, insurance readiness, downtime prevention, and practical control evidence that executives, brokers, regulators, and investors can understand.
Dispensaries, cultivators, processors, manufacturers, MSOs, and ancillary cannabis operators.
Licenses, customer data, patient data, POS systems, email domains, vendor payments, recovery plans, and audit evidence.
Virtual CISO, GRC programs, cyber insurance readiness, incident response retainers, BEC defense, and ransomware resilience audits.
WHAT WE PROTECT
Your MSP handles IT. Nobody owns the written ISP, vendor risk, or audit-ready evidence your regulator wants at renewal.
We deliver NIST CSF 2.0-mapped security programs built for cannabis operators — designed to hold up when your regulator, investor, or acquirer asks for proof.
Explore License Protection →Premiums went up 40%. Your carrier wants MFA attestation, an IR plan, and EDR proof — or they're non-renewing you.
We prepare the documentation, close the gaps, and sit on the call with your broker so you pass underwriting and stop overpaying.
Explore Insurance Qualification →POS goes down and you lose $30,000 a day. STIIIZY scared your board. Someone almost wired $200K to a fake vendor.
Incident response retainers, ransomware resilience audits, and BEC defense sprints — so when it hits the industry, it doesn't shut you down.
Explore Downtime Prevention →THE THREAT IS REAL
These aren't hypotheticals. These are your peers.
January 2025
420,000 customer records leaked
Root cause
Third-party POS vendor breach
Patient data, purchase history, ID scans — all exposed.
2024
$650,000 wired to attackers
Root cause
Business Email Compromise (BEC)
A spoofed vendor email. One wire transfer. Gone.
2025
Customer data on dark web leak site
Root cause
Ransomware — data exfiltrated before encryption
Active leak site. Customer PII available for purchase.
2018 (industry reference)
14-state operational outage
Root cause
Ransomware destroyed seed-to-sale tracking
Dispensaries couldn't legally sell for days.
2024
Breach disclosed to regulators
Root cause
Undisclosed network intrusion
Public company. Mandatory disclosure. Brand damage.
2024
Customer data leaked
Root cause
Third-party vendor compromise
Government-run. Still got hit.
Your MSP isn't watching for this. We are.
START HERE — FREE
Enter your domain. Get a report on your DMARC, SPF, and DKIM configuration — and whether attackers can impersonate your brand in 60 seconds.
Free · 90 seconds · No account needed
Check your domain →See what Shodan, Censys, and breach databases know about your business right now.
State-by-state gap analysis against your current cyber posture — CT, NY, MA, IL, CA.
WHAT WE DELIVER
LP-1
$1,800/mo
Ongoing
You need a real security program, not a policy folder.
LP-2
$2,500–$4,500
3 weeks
Renewal, expansion, or investor diligence is coming.
LP-3
$3,500
2 weeks
Schedule III change creates new control expectations.
IQ-1
$2,500
3 weeks
Your carrier is asking harder questions.
IQ-2
$1,800/yr
2 weeks pre-renewal
Renewal is close and the paperwork is stale.
DP-1
$1,200/mo
Ongoing
You want IR muscle before the weekend call.
DP-2
$3,000
2 weeks
Finance is one spoofed email from a bad wire.
DP-3
$4,000
3 weeks
Your POS, backups, and recovery plan need proof.
Founder
Alex Castro
Cyber incident response analyst · vCISO for cannabis operators
WHY CANNASHIELD
Alex Castro is a working cyber incident response analyst in New York City. He's spent years inside breaches like the ones that hit STIIIZY and Trulieve — watching how attackers move, what defenders miss, and why most cannabis operators don't realize they're targets until it's too late.
CannaShield is built around one premise: cannabis operators deserve the same caliber of security leadership that Fortune 500s have, at a price point an SMB can afford.
WORK WITH US
You handle IT. We handle GRC. No competition, no overlap — just stickier clients and 10% recurring revenue share on referrals.
Become a partner →Your insureds pass underwriting. Fewer claims. CannaShield listed as your preferred remediation vendor.
Become a partner →Pre-incident hygiene and a technical partner who can work under privilege when something goes wrong.
Become a partner →WHO WE SERVE
RESOURCES
THREAT INTEL
The recent Axios supply chain attack is a direct threat to your cannabis license. Axios is the invisible courier connecting your Point of Sale to state...
Read →THREAT INTEL
If the absolute peak of federal security can be compromised, your 24/7 grow operation is not flying under the radar. The real lesson here isn't about...
Read →THREAT INTEL
But the glowing screen illuminating the dark can quickly become the biggest threat to your operating license.
Read →FAQ
CannaShield provides cannabis-specific cybersecurity, virtual CISO, GRC, cyber insurance readiness, incident response, ransomware resilience, and email security support.
CannaShield serves licensed cannabis dispensaries, cultivators, processors, manufacturers, MSOs, and ancillary cannabis operators.
No. CannaShield works alongside MSPs by owning the cyber risk, compliance evidence, vendor risk, incident response, and board/regulator-facing security program work that many MSPs do not cover.
The Email Security Scorecard checks DMARC, SPF, DKIM, MX, and domain spoofing signals so cannabis operators can see whether attackers can impersonate their business domain.
Free. No account. Just your domain.
· NIST CSF 2.0 Mapped · No account required · Results in 90 seconds