Cybersecurity Is Now a Sales Requirement — Here’s Why

Printing and packaging companies have long considered themselves manufacturers — and they are. But as customer data increasingly lives in a digital environment rather than in physical files, brands are expecting their print service providers (PSPs) to keep their data secure.

Artificial intelligence has only intensified that expectation, says Amy Servi-Bonner, vice president, consulting, Applied AI & Printing Technology for PRINTNG AI.

“AI automation, portals, [and] integration have now moved customer data farther than ever before — and often before anyone stops to ask where the data lives, who touches it, or how it's protected,” Servi-Bonner says. “Here’s the uncomfortable truth: Your customers already assume that you have answers to these questions, even if your organization really hasn't caught up yet. And that's why AI and cybersecurity are no longer IT conversations. They're trust conversations, sales conversations, and revenue conversations.”

Servi-Bonner and other experts shared their insights on the current state of cybersecurity in the printing industry during a webinar entitled “AI Changes the Rules: Why Cybersecurity Is Now a Sales Requirement for Print Providers.”

Greater Threats to Security

Christian Quinn, managing principal at Fulcrum Innovation, offered a broader perspective on cybersecurity and AI. As a leader with deep experience with cyber investigations and cybersecurity on the national, state, and municipal levels, Quinn stresses that AI has made cyberattacks harder to identify. 

“The fraud isn't more technically complex, just the social engineering part of it is way more convincing,” Quinn says. “And the problem with that, from a human standpoint, is those normal red flags that we would look at — that which is weird but plausible, if you will, that raise our spidey senses — we're not spotting those as easily. It becomes very simple to rationalize things away, so we have a reduced effort to enter into the threat environment.”

Because of this, Quinn says the bar for bad actors to be effective has been significantly lowered.

“Not every cyber threat is going to be a technically sophisticated actor,” Quinn says. “Some of them are just flunkies, if you will, that are really good at finding people to do stuff. I don't say that to minimize the threat — I'm emphasizing that less sophisticated criminals can orchestrate really professional-grade fraud operations.”

Heightened Security Needs

When it comes to printing and packaging, Kevin Roman, director of professional services at Canon U.S.A., points out that print buyers are asking the hard questions up front.

“What's really changed is the depth of questions and the timing of the questions,” Roman says. “A year ago, most security conversations centered around — in case of print — the device. … Customers are starting to ask some really real questions: ‘Where does my data move across your workflow?’ They want to understand: ‘Where's this data coming from, and where is it going to? What systems touch it?’”

Roman explains that the aim of these questions is to gain clear insight into how a prospective PSP will handle their data — with clarity being the key. For example, Roman shared the story of a PSP that was close to closing a deal with a healthcare provider.

“Late in the process, they received a detailed security questionnaire,” he says. “That questionnaire was over 200 questions. They didn't have the formal documentation prepared. They had good practices. They knew how to act, but ultimately, they couldn't articulate them in a structured way. That introduced, obviously, delays to the whole opportunity, and even more importantly, it created that uncertainty.”

What PSPs Should Do Now

So, what are some practical ways print and packaging providers can reduce risks? Quinn advises starting with a baseline security assessment and doing the basics to ensure data security — such as implementing multifactor authentication, reducing admin privileges, and locking down remote access. But don’t bite off more than you can chew.

“You're not doing everything in 90 days,” Quinn says. “I go back to the ‘basics not best’ [concept]. It costs nothing to have a vigilant culture. It costs nothing to teach people to hover over a suspicious email and look to see like, ‘Hey, does this domain match where the sender is supposed to be coming from?’ It costs nothing just to scrutinize a calendar invite that you weren't anticipating receiving. It costs nothing to mandate that people not use their work credentials for personal things.”

On the sales side, Roman says it’s important for PSPs to have a security-readiness package that provides information on their data flows, security controls, retention policies, and incident response procedures.

“If you get all that done, then you could start looking at … having your sales organization really also have that same security posture,” Roman says, “where instead of waiting for the security questions to come, now you leverage. You leverage what you're learning here today. You leverage what you're learning day to day around security and the importance of security, and get ahead of it. The faster you can get ahead of it, you can now turn it into a competitive advantage.”

Servi-Bonner echoes this, emphasizing just how much brands now require knowledge about print and packaging providers’ security measures before working with them.

“Print providers aren't just producing documents anymore,” she says. “They're handling sensitive data across very complex digital environments, and customers already assume you understand the risks, the controls, and the impact on their business. AI didn't create that expectation; it just accelerated it. And the providers who can explain their security posture … clearly are the ones who will build trust faster and keep that trust longer.”

To learn more about the importance of cybersecurity for your operation, watch the full webinar, “AI Changes the Rules: Why Cybersecurity Is Now a Sales Requirement for Print Providers,” here.