Utilizing the New ASIS/ANSI Cannabis Security Standard to Build a Security Program Beyond Simply Compliance

In anticipation of GSX, we sat down with presenters of upcoming sessions in order to get a better understanding of the topics at hand. This week we are featuring, “Utilizing the New ASIS/ANSI Cannabis Security Standard to Build a Security Program Beyond Simply Compliance,” presented by Tim Sutton, CPP, PSP, PCI, senior consultant at Guidepost Solutions, LLC. Read on for what he had to say and don’t forget to register for GSX 2024!

Q: How did you become interested in your topic?  

A: I became interested in my topic after working with clients producing content with respect to Security Management, Security Operations and Security Technology Plans for use in applications for licensure.  This work revealed the regulations and their requirements for security not only focus on security technology and do not seem to be based upon tried-and-true security standards, guidelines or even best practices that are in use by most every industry today.  Many of the regulations’ requirements are based upon outdated and misunderstood security practices and technologies and simply do not provide a sound security program for the protection of all assets through Enterprise Security Risk Management (ESRM). I not only have worked with organizations in the cannabis industry, but I have also worked within the cannabis industry as security director for two multi-state operators (MSOs) with locations across the US and have seen first-hand how the majority tend to create their security programs based solely upon regulatory compliance. This new Cannabis Security Standard not only offers the what is needed to effectively and efficiently secure different types of cannabis operations, it offers the why and how behind the principles and practices in its included 30-page annex. 

Q: Tell us about your presentation and why security professionals should have this topic on their radar.  

A: Any security professional practicing within a cannabis organization or supplying services to a cannabis organization should have this topic on their radar as a go-to reference for setting up a strong ERSM-based security program.  The technical committee members for this standard’s development includes security leadership from multiple cannabis organizations; several security service and product providers to the industry; as well as the Compliance, Enforcement and Training Officer within the Illinois Department of Agriculture under the Division of Cannabis Regulation.  This standard is the only approved ANSI standard addressing security as a whole as opposed to security systems only such as video or alarms. 

Q: What advice would you give security professionals interested in this topic? 

A: My advice would be to read the standard and encourage its adoption by not only regulators but cannabis organizations alike.  No matter where the security professional fits within the cannabis industry, there is something in this standard that applies and can be used to validate or strengthen your practices.  

Q: How do you see this issue evolving in the next 2-5 years?  

A: In the next 2-5 years I see regulating bodies and cannabis organizations adopting the standard in its entirety or several of its provisions.  I also see regulations changing with the legal status of cannabis.  Most notably, the US is poised to reschedule cannabis to a schedule III substance. The pressure to de-schedule cannabis entirely and treat it like alcohol will continue and may eventually come to fruition.  This would mean the regulations for security, as inept and random as they are today, will no longer be around for cannabis organizations to meet for compliance and this standard will be the most informative and encompassing guide for them to follow. 

Q: Why do you attend GSX?  

A: I attend GSX for many reasons. In no particular order GSX provides me the ability to network face-to-face with not only other security practitioners but security providers and even end users. GSX also provides an excellent line-up of educational programming useful for all levels of experience from security experts from across the globe. The exhibit hall at GSX provides the opportunity to discover and learn more about so many different aspects of the security world it can be overwhelming at times.  The exhibit hall also is a great opportunity to show solutions to end users with a hands-on aspect that you just don’t get to experience on virtual product demonstrations. Presenting at GSX and staffing Community and Board booths in the ASIS HUB give me the opportunity to give back to ASIS and help spread the many benefits of ASIS International membership that has provided me with more than I deserve over my nearly 20 years of membership.