It’s the nightmare no business wants to experience: a system-wide disruption or cyberattack that forces operations offline and throws daily routines into chaos. In the promotional products industry, where speed, customization and customer communication are essential, a cyber incident doesn’t just threaten data. It jeopardizes reputation, delivery timelines and client trust.

Yet, when handled well, even a cyberattack can become a moment that reveals a company’s culture, resilience and readiness.

Based on recent events in the industry and lessons from real-world disruptions, here’s a guide to how promo companies can prepare for, respond to and recover from an IT crisis – with practical do’s and don’ts along the way.

Step 1: Act Fast – But Smart

DO:

  • Immediately take systems offline at the first sign of a breach or unusual activity. This reduces the risk of further compromise or data exfiltration.
  • Assemble your incident response team – whether internal or external cybersecurity partners – to begin the diagnosis and damage control.
  • Document everything. Record when and how the breach was detected, what systems were impacted and what actions were taken.


DON’T:

  • Don’t assume it’s a false alarm or delay action. In cybersecurity, time is critical.


Step 2: Investigate and Isolate

DO:

  • Conduct a thorough forensic investigation to identify the origin of the attack, what systems were touched and whether any data was accessed or stolen.
  • Isolate affected systems from your broader network.
  • Engage with third-party specialists, if needed, to validate the integrity of your data and check for backdoors or lingering threats.


DON’T:

  • Don’t rush to bring systems back online before a full assessment is complete.
  • Don’t ignore the importance of transparency with your leadership team and legal counsel during this phase.


Step 3: Communicate Clearly (Internally First)

DO:

  • Alert your internal teams quickly. Explain what’s happening in clear terms and provide guidelines for continuing operations manually, if necessary.
  • Centralize communications so that employees know where to turn for accurate updates.
  • Emphasize company culture and teamwork – disruptions are stressful, but how people rally makes a difference.


DON’T:

  • Don’t allow rumors or fragmented communication to spread. In a crisis, misinformation can do more damage than the attack itself.


Step 4: Notify Customers and Partners – With Grace

DO:

  • Reach out to customers and key partners with honest, proactive communication, even if you’re still investigating. Let them know you’re aware of the issue and working on it.
  • Be transparent about delays and offer alternative solutions or updated timelines when possible.
  • Express gratitude for patience. Acknowledge inconvenience. These sentiments build long-term trust.


DON’T:

  • Don’t remain silent. In the absence of updates, customers may assume the worst or feel abandoned.
  • Don’t assign blame or overpromise fixes.


Step 5: Operate Manually If You Must

DO:

  • Have a manual backup plan. Order taking, quote generation and fulfillment don’t need to stop. Your team just needs a way to do them without systems.
  • Cross-train staff so they can step into unfamiliar roles in a pinch.
  • Keep logs and records of manual activity to re-enter into your systems when restored.


DON’T:

  • Don’t panic if your automation breaks down. Most clients will be understanding if you’re communicative and proactive.


Step 6: Restore, Reflect and Reinforce

DO:

  • Once systems are secure, reintroduce them carefully. Test each part of the network as you go.
  • Conduct a post-mortem: What worked? What failed? What needs better preparation next time?
  • Use the event as an opportunity to invest in stronger security, better redundancies and more employee training.


DON’T:

  • Don’t assume it won’t happen again. Cyberattacks are increasing in frequency and sophistication.
  • Don’t treat a return to normal as the end of the process; true recovery includes planning for what’s next.


A Final Thought

In our industry, relationships are everything. How your company responds to a crisis – how you show up for your clients, partners and teams – will leave a longer impression than the disruption itself.

If you build your systems, culture and communication strategy with resilience in mind, you won’t just survive a cyberattack. You’ll earn even more trust from the people who matter most.

Dunbarger is the project management lead at PPAI.