It’s the nightmare no business wants to experience: a system-wide disruption or cyberattack that forces operations offline and throws daily routines into chaos. In the promotional products industry, where speed, customization and customer communication are essential, a cyber incident doesn’t just threaten data. It jeopardizes reputation, delivery timelines and client trust.
Yet, when handled well, even a cyberattack can become a moment that reveals a company’s culture, resilience and readiness.
Based on recent events in the industry and lessons from real-world disruptions, here’s a guide to how promo companies can prepare for, respond to and recover from an IT crisis – with practical do’s and don’ts along the way.
Step 1: Act Fast – But Smart
DO:
- Immediately take systems offline at the first sign of a breach or unusual activity. This reduces the risk of further compromise or data exfiltration.
- Assemble your incident response team – whether internal or external cybersecurity partners – to begin the diagnosis and damage control.
- Document everything. Record when and how the breach was detected, what systems were impacted and what actions were taken.
DON’T:
- Don’t assume it’s a false alarm or delay action. In cybersecurity, time is critical.
Step 2: Investigate and Isolate
DO:
- Conduct a thorough forensic investigation to identify the origin of the attack, what systems were touched and whether any data was accessed or stolen.
- Isolate affected systems from your broader network.
- Engage with third-party specialists, if needed, to validate the integrity of your data and check for backdoors or lingering threats.
DON’T:
- Don’t rush to bring systems back online before a full assessment is complete.
- Don’t ignore the importance of transparency with your leadership team and legal counsel during this phase.
Step 3: Communicate Clearly (Internally First)
DO:
- Alert your internal teams quickly. Explain what’s happening in clear terms and provide guidelines for continuing operations manually, if necessary.
- Centralize communications so that employees know where to turn for accurate updates.
- Emphasize company culture and teamwork – disruptions are stressful, but how people rally makes a difference.
DON’T:
- Don’t allow rumors or fragmented communication to spread. In a crisis, misinformation can do more damage than the attack itself.
Step 4: Notify Customers and Partners – With Grace
DO:
- Reach out to customers and key partners with honest, proactive communication, even if you’re still investigating. Let them know you’re aware of the issue and working on it.
- Be transparent about delays and offer alternative solutions or updated timelines when possible.
- Express gratitude for patience. Acknowledge inconvenience. These sentiments build long-term trust.
DON’T:
- Don’t remain silent. In the absence of updates, customers may assume the worst or feel abandoned.
- Don’t assign blame or overpromise fixes.
Step 5: Operate Manually If You Must
DO:
- Have a manual backup plan. Order taking, quote generation and fulfillment don’t need to stop. Your team just needs a way to do them without systems.
- Cross-train staff so they can step into unfamiliar roles in a pinch.
- Keep logs and records of manual activity to re-enter into your systems when restored.
DON’T:
- Don’t panic if your automation breaks down. Most clients will be understanding if you’re communicative and proactive.
Step 6: Restore, Reflect and Reinforce
DO:
- Once systems are secure, reintroduce them carefully. Test each part of the network as you go.
- Conduct a post-mortem: What worked? What failed? What needs better preparation next time?
- Use the event as an opportunity to invest in stronger security, better redundancies and more employee training.
DON’T:
- Don’t assume it won’t happen again. Cyberattacks are increasing in frequency and sophistication.
- Don’t treat a return to normal as the end of the process; true recovery includes planning for what’s next.
A Final Thought
In our industry, relationships are everything. How your company responds to a crisis – how you show up for your clients, partners and teams – will leave a longer impression than the disruption itself.
If you build your systems, culture and communication strategy with resilience in mind, you won’t just survive a cyberattack. You’ll earn even more trust from the people who matter most.
Dunbarger is the project management lead at PPAI.