AI-Driven Cybersecurity Strategies Every Printer Needs Now

"So it's 2:14 a.m. and your prepress server just locked. It's now 2:17 a.m., and every artwork file you've ever touched is encrypted. At 2:21, a ransom demand arrives; they want 500k in 24 hours or it's gone. What do you do first?

"This is not fiction. This is actually a packaging converter in Wisconsin last year, 120 employees, family-owned operation, and they were offline for 48 hours."

Amy Servi-Bonner

That was how Amy Servi-Bonner, vice president of consulting, applied AI and printing technology at PRINTING United Alliance, started her session on cybersecurity and AI at Digital Packaging Summit 2025 in Ponte Vedra Beach, Florida. In the session, she dove into why it's easier than ever for attackers to infiltrate your company, and what packaging and label providers should do when things go wrong.

Servi-Bonner, who leads the Alliance's PRINTING AI consulting services, said that packaging and label converters and printers are prime targets for ransomware attacks. Why?

"This segment of the print industry spends the least amount on cybersecurity," Servi-Bonner said. "See, hackers, they've kind of figured out that packaging companies and converters who work with brands — those brands rely on you. They trust you. You're part of their supply chain, yet you might be the weakest link that an attacker can exploit to reach someone else."

And cyberattacks have only become easier — in part due to the rise of ransomware-as-a-service (RaaS).

"They're actually selling crime," Servi-Bonner said. "There's a subscription model, cybercrime platforms [and] programs that you can you can engage in, even to the extent of having customer support to help you deploy ransomware campaigns. So you don't even have to be a sophisticated actor anymore to launch attacks."

She shared some stark statistics:

• 55% of ransomware attacks hit companies with fewer than 100 employees.
• 68% of attacks start with an AI-written phishing email.
• Downtime caused by an AI cyberattack costs a small business an average of $8,000 per hour.

To gauge their preparedness for a ransomware attack, Servi-Bonner had attendees discuss among themselves how they would handle the first 24 hours after a cyberattack. Many outlined these gut instincts:

• Hour 1: Call IT.
• Hour 6: Tell no one yet.
• Hour 12: Start restoring backups.
• Hour 24: Back online.

But Servi-Bonner outlined a more solid action plan:

• Hour 1: Isolate the network immediately and activate your incident response plan.
• Hour 6: Notify leadership, insurer, and legal, and log every action.
• Hour 12: Verify that your backups are not infected. AI tools will check data integrity.
• Hour 24: Don't let anyone touch anything. Let forensics investigate first, and use your AI models to identify the root cause.

"Your instincts are emotional; the right moves are practical," she emphasized. "And these are things that everybody — I'm telling you, in this room, no matter what role you're in in the organization — has to understand, if nothing else, to keep somebody from losing their mind."

She also encouraged attendees to create and regularly maintain their cyber-resilience system.

Before an attack occurs, Servi-Bonner said it's critical to ensure that every part of your business is prepared. To do this, she recommended running AI-driven tabletop drills quarterly to simulate how your company would respond to a ransomware attack. She also pointed out the importance of segmenting and isolating your backups; training with simulated phishing that uses your own email tone; and auditing your connections with every vendor.

During an attack, she reiterated that AI tools should be used to identify the root cause of the breach and determine how it spread throughout the system. She also said that precise communication with your internal team is critical, and that you should decide early whether to pay the ransom, negotiate, or rebuild.

Once the attack has been addressed, put AI to work reconstructing the cyberattack timeline for legal and insurance purposes, and use that data to strengthen your models.

"Sometimes the breach is the best teacher," Servi-Bonner said.

When all is said and done, make sure to review the scenario, retrain your team, and stay up to date by repeating the process.

Servi-Bonner left listeners with this thought: "If AI doesn't hit your P&L, it's just entertainment. But if cyber hits your art files, it's a catastrophe."