Understanding The Threat Of Cyber-Attacks On Your Business

What do Marks & Spencer, Co-op, and Jaguar Land Rover all have in common? In 2025 the three brands all experienced significant cyber-attacks that resulted in dramatic losses in revenue and major service outages for customers and employees.

More and more cyber-attacks are becoming more common place with the likes of the NHS, UK Ministry of Defence, Royal Mail, Southern Water, and Cambridge University experiencing attacks in the last two years. The Winter Olympics 2026 recently avoided a “Russian origin” cyber-attack against foreign ministry sites, demonstrating the scale and frequency of these attacks.

These attacks and disruptions are not even limited to large corporations or organisations either. In 2021 Gloucester City Council suffered a cyber attack in which Russian hackers sent an email out to look like it was part of a wider conversation which then released malicious software that made all of Gloucester City Council’s systems inaccessible. Tewkesbury Borough Council faced a similar threat in 2024 which led to huge changes in training, so that staff and councillors could spot potential threats.

Attacks on businesses like those mentioned as well as the likes of Currys, TalkTalk, Marriott International, and Equifax all being affected in the last ten years, shows how serious cybersecurity needs to be taken.

For printers, sensitive documents are often part and parcel of the work they carry out, especially if it is linked to billing, education, or electoral information. Not only is the data and information important, but more and more companies are finding themselves becoming victims to scams and threats which are there simply there to cause disruption or access sensitive information. These breaches can have serious implications on daily operations, and income, so how can businesses be more aware of threats and stop them from happening?

In this feature, Print Monthly speaks to a range of experts from across print and cybersecurity to hear what they have to say regarding this newer threat facing businesses across the UK.

Knowing the Risks

One company that has worked in specialist business software for a long time is Electronic Business Systems (EBS) which is based in Birmingham. Set up in 1979, the company provides software solutions, cloud services, IT hardware, network infrastructure, managed services, bespoke software development and, as you would expect, cybersecurity.

EBS’ cybersecurity services includes government-approved security controls, as well as cybersecurity audits, disaster recovery, and proactive monitoring of potential threats, making them more than qualified to comment on this topic.

When asked about the recent prominence of cybersecurity, Sandy Gaggini, managing director at EBS, says: “Cybersecurity has moved to the forefront of business strategy because the tools used by criminals have become more automated and sophisticated through the use of AI.”

Gaggini adds: “Many modern attacks are now capable of bypassing traditional defences at machine speed which makes reactive security measures insufficient for protecting a business in 2026. Companies often overlook the importance of securing their supply chain or the potential for human error within their own teams. Failing to implement a continuous monitoring strategy can lead to significant gaps in protection that are easily exploited by external actors.”

When it comes to the print and sign-making industries, Gaggini says that the dangers are largely ransomware that can lockdown production software and steal valuable intellectual property like bespoke designs.

“A successful attack on a large-format printer or a digital cutting system could halt manufacturing for weeks and lead to massive financial losses,” says Gaggini, who adds: “Beyond that, the loss of sensitive client data such as brand assets or contract details can destroy the professional reputation of a firm and lead to legal penalties. These threats are no longer hypothetical as attackers increasingly target small and medium enterprises that they perceive as having weaker digital defences.”

Following an increase in cybercrime in 2022, including the one earlier mentioned on Royal Mail, electronics manufacturer, Kyocera UK responded with expanded security capabilities in its software. The company also warned that British businesses could fall foul of attacks due to the increased use of cloud services due to hybrid working and a scaling down of physical hard drives.

Today, Kyocera continues to provide cybersecurity solutions through Kyocera Cyber, a new specialist business which unifies new and existing Kyocera security services. The “backbone” of this new venture is the AI-driven and hyper-automated M-SOC, which offers 24/7 global coverage and a range of services from proactive defence to incident management and recovery.

Trevor Maloney, product marketing manager at Kyocera Document Solutions UK, comments: “What people sometimes forget is that the first line of defence to cyberattacks are actually their own employees. The human layer is widely considered the weakest link behind the threat surface with hackers exploiting human trust or naivety to infiltrate systems and bypass security protocols.”

Echoing the thoughts of Gaggini as to how cyberattacks are a bigger threat today, because of the rise of AI and the Internet of Things (IoT), Maloney stresses the importance of printers embracing cybersecurity because of the data they may hold: “Many production and commercial printers utilise digital presses to take advantage of their variable data print capabilities. As such, the documents printed on digital presses will invariably be populated by a plethora of personal data and highly sensitive information, such as bank statements, utility bills, and electoral voting cards. This information, if it falls into the wrong hands, creates a significant risk. Transaction print houses are likely to see an increase in phishing attacks as bad actors become heightened to the fact they hold a repository of highly sensitive and lucrative data.”

With all this in mind, it is important to know how to best prepare or defend your business from cyber attacks and threats. So, what do the experts recommend?

Protecting Your Business

When it comes to protecting your print or signage business, Gaggini recommends implementing multi-factor authentication across all the company accounts and systems. Gaggini adds: “It’s also vital to maintain a robust and regularly tested backup routine that stores data in an offline or immutable format to protect against ransomware.

“Regular staff training is also an important part of cybersecurity; staff need to be able to identify increasingly realistic phishing attempts and social engineering tactics. Finally, we suggest moving towards a zero-trust architecture where every access request is verified, regardless of whether it originates from inside or outside the company network.”

When asked if printers or sign-makers are more vulnerable than other industries, Gaggini points to the complex mix of legacy hardware and connected devices, meaning that it may be harder to patch or protect with standard antivirus tools.

“Additionally, the industry is highly collaborative and involves frequently sharing large files with external clients and vendors which creates multiple entry points for malware. The combination of high value design data and operational technology makes the sector vulnerable to cyber criminals looking to cause maximum disruption.”

For Maloney, it is largely the “end point” of a network that makes any business vulnerable, regardless of the industry it is in. “By its very nature, a digital printing press would be connected to a network and could therefore be considered an ‘end point’. However, this is no different to a server or laptop which likewise are also connected to company networks.”

Maloney’s advice to businesses is to deal with reputable resellers of cybersecurity products and to understand that there is never a “one size fits all” solution. “Whoever is advising on cyber threats and security should adopt a consultative approach to fully understand a user’s business and the threats that lie therein,” Maloney adds.

Another specialist in this field is Howden UK, an insurance group that deals in specialist insurance, and risk advice, including cyber risks and data protection. Paul Birbilas, cyber development executive at Howden UK, develops and manages the cyber insurance strategy across the company’s corporate and commercial division. “Day to day, I deliver both internal and client facing cyber training sessions, help structure cyber insurance programmes, and support placements with leading markets on our UK cyber panel,” says Birbilas, who adds: “I use a range of pre bind risk tools to help clients strengthen their IT security posture and better understand their risk exposures before going to market. I also run cyber workshops for industry associations, where I outline sector specific threat trends and share real claim examples to raise awareness.”

When it comes to the effect of a cyber-attack Birbilas emphasises that office-based businesses can sometimes keep going manually, whereas an infected computer controlling or supporting production can bring operations to a standstill.

When it comes to his advice, Birbilas says: “A solid baseline includes multi factor authentication, endpoint protection on devices, strong email security, quick patching, and reliable and tested backups. It’s also important to keep production systems separate from office networks and limit any outside access so only what’s essential is allowed. Regular staff training is just as critical because many attacks still begin with someone clicking something they shouldn’t. Even with strong prevention in place, no business can block every threat, so having cyber insurance ensures you still have expert support and financial protection if something does go wrong.”

A solid baseline includes multi factor authentication, endpoint protection on devices, strong email security, quick patching, and reliable and tested backups

Commenting on how seriously businesses should take these threats, Birbilas says that cyber threats are now “one of the biggest risks to businesses” largely due to them becoming faster and more disruptive. “We’re seeing criminals target organisations of every size, and even small incidents can halt operations, damage customer trust, and lead to costly recovery work. For most companies, the question is no longer if they’ll face an attack but when, which is why taking cyber resilience seriously needs to be at the top of every organisation’s risk register.”

The Bigger Picture

So how is cybersecurity being treated by different organisations and trade bodies within the print and signage industries? Many recent business events held by the likes of the Independent Print Industries Association (IPIA) have brought cybersecurity to the forefront, in order to help members and visitors better understand the risks posed by vulnerable systems or staff.

Drupa Print Technologies is another organisation plugged into many global topics and challenges, largely thanks to its events and resources, including its global trade fair, which brings manufacturers, suppliers, and end users in print and packaging together every four years. Speaking on the topic of cybersecurity, Sabine Geldermann, director of drupa, says: “Cybersecurity is addressed by our platform as part of broader themes such as digitalisation, connectivity, and trust in data-driven production environments, which are increasingly influenced by regulatory frameworks.”

Speaking about the role of cybersecurity in print today, Geldermann adds: “Alongside technological developments, increasing regulatory requirements around data handling and process transparency also play an important role. As systems become more integrated across the value chain, cybersecurity becomes a shared responsibility and closely linked to trust, transparency, and compliance.”

For Geldermann, she echoes the thoughts of others in this article, that print and signage face many similar challenges to other manufacturing sectors due to the digital transformations that are taking place across supply chains. “As traditional production processes merge with digital technologies, questions around secure connectivity and compliance with external frameworks naturally gain importance,” says Geldermann, who adds: “This reflects a broader industrial transition rather than a fundamentally higher vulnerability.”

Geldermann also points to the fact cybersecurity can be seen throughout many solutions at drupa trade fair, therefore showing how integrated and embedded security solutions are becoming within software, workflows, and connected systems, which has happened in response to growing requirements for transparency, traceability, and compliance. “This underlines that cybersecurity has become an integral element of modern print technologies.”

Geldermann concludes: “Cybersecurity should be understood as an integral part of reliable and future-oriented print production rather than as a standalone topic. Trust in digital processes is essential for the continued development of print and packaging applications, particularly as automation, artificial intelligence and data-driven business models gain importance. In this context, technological innovation, market expectations, and regulatory frameworks increasingly interact, especially for internationally active brand owners and their partners.”

As evident by the knowledge and warnings of those we have spoken to, cybersecurity as Geldermann puts it, is “integral” and part of the wider conversations taking place around trust, automation, and innovation.

To not have an understanding of the threats out there, or to not have systems in place to protect your business, ultimately you leave your business, reputation, and customers with the significant risk of overwhelming consequences.