The government is looking at ways to lessen the impact of the August 2025 cyber attack on Jaguar Land Rover’s (JLR’s) supply chain, amid claims of workers having to sign on for Universal Credit for lack of wages.
Demands that JLR should itself support its supply chain more are also being heard from the public, at a time when insurance industry journal Cyber Risk Insurer revealed the company was without cyber insurance at the time of the attack.
The BBC reported today that the government is considering buying the component parts from suppliers and stockpiling them until JLR is able to get its assembly lines running again.
Meanwhile, union Unite has demanded that the government implement a Covid-style furlough scheme for workers in JLR’s supply chain who have been impacted by the consequences of the cyber attack.
Business secretary Peter Kyle has rejected that idea, but is considering the government buying parts and selling them to JLR, according to ITV’s Robert Peston, backing up the BBC’s information.
Phil Wright, partner for outsourcing at business advisory and accountancy firm Menzies, told Computer Weekly: “The JLR cyber attack is a stark reminder of how exposed today’s supply chains really are. Production is halted, suppliers are locked out, and the ripple effects stretch far beyond JLR itself. This isn’t just about delayed orders. Warehousing, logistics and even communication tools are paralysed, showing how fragile integrated supply chains become when a single system goes down.
“Integrated supply chains demand that all suppliers, regardless of size, need to critically evaluate the adequacy of their IT security infrastructure,” he said. “The cost of more advanced infrastructure may be prohibitive for smaller players further down the chain, but their lack of resilience can mean that an incident proportional to their scale could be terminal.
“The disruption raises difficult but urgent questions,” said Wright. “How do we balance cost control with robust cyber risk management? Should digital audits of suppliers become standard? And, critically, how do we build continuity plans that don’t just exist on paper but can actually withstand a crisis?
“For manufacturers, the lesson is clear: efficiency without resilience is a risk,” he said. “Lean, just-in-time supply models deliver agility, but when digital systems go down, efficiency savings unravel overnight, and SMEs [small and medium-sized enterprises] – often the most vulnerable – bear the heaviest burden. Stronger continuity planning, deeper digital audits and more transparent communication are no longer optional. If it can happen to JLR, it can happen to anyone. Resilience isn’t a nice-to-have, it’s now business-critical.”
The Business and Trade Select Committee of the House of Commons is meeting this afternoon to hear evidence from companies in JLR’s supply chain.
