As the legalized cannabis industry takes its place amongst other highly highly profitable mainstream businesses it is impossible to overlook the cybersecurity and data privacy issues that uniquely affect the industry and its profitability. The issues surrounding legalized cannabis and data security create a multi-front battle that can be incredibly challenging from a legal and technological perspective. The fact that the cannabis industry has intertwining issues of highly sensitive data, regulatory oversight and mandatory data collection requirements creates a very distinctive challenge for the profitability of those businesses. But many of those challenges can be addressed using some of the same practices and solutions. Preserving profit margins and exploring innovation are fundamental to staying solvent in an industry driven to deliver results. This presentation will explore the industry-specific challenges that face legalized cannabis businesses including regulatory obligations, such as the California Cannabis Track-and-Trace ("CCTT") system, the Health Insurance Portability and Accountability Act ("HIPAA"), and the various state-specific data privacy and cybersecurity obligations. We will look at how the industry-specific regulations overlap and diverge with other security and privacy laws. Finally we will provide actionable strategies to address the regulatory landscape so that attendees leave with a basic understanding of the legal risks and obligations along with a framework to address those risks while maintaining profitability.