When a company as established as Jaguar Land Rover finds itself brought to a standstill by a cyberattack, it sends shockwaves through the entire business community.
By Nickey Mannya, director for cybersecurity and next generation solutions at Westcon-Comstor Southern Africa
The incident didn’t just freeze production, it also exposed the fragility of global supply chains and the devastating reach of cyber risk. Weeks after the attack, the company is still recovering, and its suppliers are bearing the financial strain, with some reportedly being asked to secure loans against their own homes.
In early October, Jaguar Land Rover confirmed that a major cyberattack had forced it to halt operations across several manufacturing plants, affecting thousands of vehicles on the production line. The disruption, traced back to an attack on a key IT system, crippled the automaker’s ability to source components and manage logistics.
As systems went offline, operations ground to a halt, and the company began a slow, phased restart. The financial toll has extended beyond JLR itself, with suppliers struggling to meet cashflow demands as the company works to restore full capacity.
This is more than a cautionary tale. It’s a wake-up call for every organisation that still believes cybersecurity is simply an IT responsibility. What happened to Jaguar Land Rover could happen to anyone. The difference between resilience and ruin often comes down to preparedness, governance, and culture.
The unseen cost of complacency
Cyberattacks no longer stop at data theft or ransomware demands. They now strike at the very foundations of business continuity. For manufacturers, that means stalled assembly lines and delayed shipments. For financial institutions, it’s a loss of consumer trust and regulatory backlash. For everyone, it’s reputational damage that takes years to repair.
What makes this latest breach so alarming is not just the disruption it caused but the ripple effects that followed. Suppliers, often small and medium-sized enterprises, are now struggling with financial insecurity because their operations were closely tied to a larger entity’s digital ecosystem. In an interconnected economy, one weak link can bring an entire network to its knees.
Ignoring cybersecurity is not a saving it’s a deferred cost. And when that cost arrives, it’s rarely manageable.
The next wave is already coming
The sophistication of today’s cyberattacks is unlike anything we have seen before. Attackers are faster, smarter, and increasingly automated. Artificial intelligence (AI) is being used to craft more convincing phishing attempts, bypass detection tools, and exploit vulnerabilities faster than human teams can patch them.
At the same time, geopolitical instability and the growing black market for data have created fertile ground for both criminal syndicates and state-sponsored actors. You have heard this before, but it begs repeating – the question is no longer if an organisation will be targeted, but when and how well it will respond when it happens.
The next wave of cyber threats won’t necessarily come from the expected places. It might originate from a trusted supplier, a compromised software update, or an employee’s personal device. The point of entry may be invisible until it’s too late.
Resilience starts at the top
Building cyber resilience begins with leadership. Too many executives still treat cybersecurity as a compliance checkbox, rather than an essential pillar of business strategy. That mindset must change. Security should sit at the same table as finance, operations, and growth.
Boards and C-suites have a duty to understand their organisation’s risk posture, ensure the right investments are being made, and foster a culture where employees see security as everyone’s responsibility. This includes planning for the worst, which doesn’t mean inviting fear, but building confidence in the organisation’s ability to recover.
True resilience is not built solely through technology, it also stems from leadership commitment, cross-departmental collaboration, and continuous vigilance.
Securing the future
The Jaguar Land Rover incident highlights how vulnerable even the most resilient businesses can be in the face of modern cybercrime. But it also offers a lesson in opportunity. Every breach, every disruption, and every failure is a reminder that we have the chance to do better.
Jaguar Land Rover is now clawing its way back, slowly restoring operations and rebuilding confidence across its supply network. Its recovery is proof that resilience is possible, but it comes at a price measured in time, money, and trust. For other organisations, the lesson is clear. Do not wait to learn the hard way.
Investing in cybersecurity is not about avoiding headlines. It is about ensuring business continuity, protecting livelihoods, and safeguarding the trust of customers and partners. It is a collective responsibility that begins in the boardroom and extends across every employee, supplier, and digital connection.
The next attack is inevitable. The question is whether we will be ready when it comes.