Jaguar’s New Tagline is “Copy Nothing,” but its Cyber Insurance Disaster Suggests “Penny Wise, Pound Foolish” Might be More Apt

by

Jaguar Land Rover, also known as JLR, was hit with a cyber attack last month that forced the company to shut down its tech systems and assembly lines, with billions-of-dollars of damages and lost sales potentially far exceeding JLR’s pre-tax profit last fiscal year. Sounds like time for the car maker’s cybersecurity insurance policy to kick in — if Jaguar had one. But media reports reveal the company “failed to secure (a) cyber insurance deal ahead of (the) incident.”

Jaguar Land Rover logo in article about the company not having cyber security insurance when it was hit with a major cyber attack
Did Jaguar Turn Down Cyber Insurance?

The Financial Times is now reporting that the failure was more than just a case of Jaguar’s negotiations with cyber insurance broker Lockton dragging on too long. “A person close to Lockton disputed the claim that discussions were ongoing, saying that the Tata Motors-owned company had declined cyber-specific cover,” the paper reported.

Who Bails Out an Uninsured Company with Massive Losses?

Jaguar may stand to lose billions, but some companies in its supply chain are facing bankruptcy, according the Financial Times. This would impact some of the estimated quarter-million people working in the JLR’s supply chain, which is creating calls for a government bail out. “The government is now facing calls for a furlough scheme to be set up, to prevent widespread job losses,” reports the BBC, referring to discussions about the British government paying the wages of workers furloughed or laid off due to the production collapse. [The Jaguar debacle may also renew calls in the US for an explicit government policy of encouraging or even requiring cyber insurance for some kinds of companies, with the American government stepping in to back stop catastrophic loses.]

See also  Lockton and Axio Launch Strategic Cyber Risk Partnership to Enhance Analytics
So What’s the Lesson?

As we’ve reported, another iconic British brand was recently hit with a major cyber attack. But retailer Marks & Spencer, unlike Jaguar, had purchased a cyber insurance policy. The store chain planned to make a $133 million initial cyber insurance claim after the incident, with more claims likely to come. While its unclear whether the Marks & Spencer policy will cover all its loses, it’s certain Jaguar’s shareholders, and perhaps British taxpayers, will be paying the tab for management’s failure to get insurance.

We’ll be sure to follow up on this story, along with its implications for the cyber insurance industry.

Mark Sauter

Mark Sauter’s insights on the financial, policy and security elements of cyber insurance are based on years of experience in the investment banking, media and business worlds. Co-author of the McGraw Hill university textbook “Homeland Security: a Complete Guide,” Sauter was also a consultant to one of the world’s largest software companies and served as a US Army Special Forces and infantry officer.

×