A commentary by Gerald Eid, Regional Managing Director EMEA at Getronics

The cyberattack on Jaguar Land Rover is more than just another headline. The estimated damage is nearly £2 billion, with over 5,000 organisations affected. According to the Cyber Monitoring Centre, this is the most economically damaging cyber attack the British economy has ever experienced.

This incident is a wake-up call. It starkly demonstrates how astronomically expensive a successful, massive hacker attack is in the connected economy. The costs are no longer theoretical; they are real and existential. It is likely that these attacks will become even more sophisticated in the future. Preparation is therefore no longer an option, but an economic necessity.

The attack exposes the Achilles heel of Industry 4.0: complete digital connectivity. But this domino effect, which paralyses thousands of suppliers, almost never starts in the factory floor. It starts in the workplace, the digital workplace.

A single compromised device, a stolen account or a successful phishing email is enough to trigger a chain reaction. This spreads from the office network to the physical production processes and paralyses them. The JLR case proves that isolated security solutions fail when attackers exploit these connections.

True resilience must therefore start at the point of entry and requires an integrated strategy:

1. Treat the digital workplace as a fortress: The first and most important line of defence is the user and their workplace. Comprehensive security for digital workplaces, from endpoint detection and response (EDR) to strict identity and access management (IAM) to employee awareness, is the foundation for preventing the first domino from falling.
2. Consistently implement zero trust architectures: This philosophy must connect the workplace with the rest of the ecosystem. In a networked system, no actor, whether employee, partner or system, can be trusted across the board. Strict micro-segmentation stops an attacker from spreading from the user’s laptop to critical systems.
3. Holistic supply chain risk management: The attack surface encompasses the entire digital ecosystem, including partners in the Global Workspace Alliance (GWA) and the supply chain. Assessing the security maturity of suppliers, who are often directly connected to the digital workplace, must be an integral part of the defence.
4. Business continuity and incident response: Since prevention is never 100 per cent successful, responsiveness becomes the focus. The massive financial damage is primarily caused by lost production. Rapid incident detection and robust contingency plans (disaster recovery) are crucial to restoring operations as quickly as possible.

The attack on JLR proves that cyber resilience is no longer an isolated IT task. It is a strategic necessity that starts with the individual user and encompasses the security of the entire value chain.

About Getronics

Getronics is a leading global provider of technology solutions with a team of over 4,000 employees in 22 centres, offering comprehensive end-to-end services around the world. The company is one of only 17 organisations worldwide to be positioned in Gartner’s 2023 Magic Quadrant for outsourced digital workplace services, and is also the leading founding member of the Global Workspace Alliance (GWA).