
Securing Production Against Digital Shockwaves

September 2025, Daryl Flack, Partner
Published on: Industrial News 




Jaguar Land Rover’s prolonged shutdown after a cyber incident highlights the fragility of modern manufacturing. With IT and OT systems converging, legacy control networks are now prime targets. Experts warn that production resilience depends on treating OT security as a board-level priority.


The Jaguar Land Rover cyber incident has pushed industry to the forefront of public consciousness in less-than-ideal ways.


The company was forced to suspend operations at its UK factories beginning 1 September after a cyber incident disrupted systems and brought production lines to a halt. The shutdown has since been extended into October while investigators, including the UK’s National Cyber Security Centre and law enforcement, probe the breach.


JLR has confirmed that “some data” was affected but has not disclosed whether the intrusion originated in IT or OT, nor who was responsible. The uncertainty matters less than the outcome: assembly lines silenced, orders frozen, and suppliers left idle.


JLR is among the UK’s largest exporters, and the disruption has rippled far beyond its own facilities. Tier-one suppliers have furloughed staff, while smaller contractors warn of existential strain after weeks without throughput. In just-in-time automotive manufacturing, buffers are slim and stoppages cascade quickly. Whether the breach began in back-office IT or directly in factory control networks, the effect has been the same: a manufacturing system paralysed by cyber disruption.


The scale of the incident has thrown a spotlight on the vulnerabilities of operational technology. The integration of IT and OT has streamlined production but also broadened the attack surface, exposing decades-old equipment to modern attack vectors. Michael Thomas, executive director at MARCH, said: “Operational technology has become a major target for cybercriminals because many systems rely on legacy equipment and outdated protocols that weren’t built with cybersecurity in mind. As IT and OT networks converge, systems that were once seen as secure because of their inaccessibility are now exposed to the same threats as IT.”


Michael Vallas, global technical principal at Goldilock Secure, described the design flaw more bluntly: “OT environments in manufacturing were built to be available, not secure.” His point reflects a deeper industrial reality. These systems were engineered for uptime and reliability, not for threat detection. The addition of remote monitoring, IoT integration and third-party connectivity has widened the attack surface further, introducing vulnerabilities that spread quickly once exploited.


The cost of disruption

For manufacturers, the consequences of an OT compromise are immediate and visible. Robots and conveyors stop, supervisory systems fail, and supply chains begin to contract. JLR’s stoppage has already exposed the fragility of a tiered supply network where hundreds of businesses depend on the cadence of a single OEM. Some suppliers report they may not survive if production does not resume soon.


That financial leverage is precisely why attackers are targeting OT. Daryl Flack, partner at Avella Security, explained: “Attackers are increasingly targeting manufacturing OT systems because disruptions directly halt production, impact supply chains, and threaten revenue. The combination of high-value assets, critical uptime requirements, and legacy infrastructure makes manufacturing OT uniquely vulnerable compared to traditional IT systems.” Beyond immediate downtime, manufacturers also face exposure of sensitive design data, ransomware demands and potential industrial espionage.


The threat is not isolated to automotive. Similar vulnerabilities exist in food processing, pharmaceuticals, chemicals, and energy infrastructure. For every high-profile shutdown, there are dozens of smaller incidents handled quietly, often under pressure from insurers or regulators. Fortinet’s latest survey found that 75% of OT professionals reported phishing attempts in the past year, and more than half suffered ransomware intrusions. The figures reflect a sector under constant probing.


Building resilience

In response, manufacturers are investing in layered defences designed to contain breaches before they spiral into outages. Network segmentation remains the cornerstone, creating discrete operational zones where incidents can be quarantined. Richard Woolfrey, regional director UK & Ireland at Fortinet, emphasised the need for cohesion: “By adopting segmentation and an integrated platform approach, manufacturers can reduce supply chain dependency and gain agency over risk exposure and downtime — providing tighter control, more visibility and less risk as a result.”


Segmentation, however, only limits damage; it does not guarantee resilience. Vallas challenged the prevailing assumption of permanent connectivity: “Segmentation and monitoring remain essential, but they rest on a flawed assumption: that networks must stay connected at all times. Your default posture should be physical disconnection. Think of it like a bank vault — you don’t leave the door open 24/7; you keep it shut and only open it when needed.”

For critical environments, that philosophy means designing systems that can be deliberately isolated — and restarted — without catastrophic downtime.


Technical measures alone will not suffice. Governance and preparedness define how long a business remains incapacitated after an attack. Flack argued that manufacturers need incident response plans that are not only written but rehearsed, with escalation paths and decision-makers clearly identified. He also urged board-level oversight, making OT cyber risk part of enterprise strategy rather than an engineering issue. Thomas echoed that point, calling for simulation exercises and integration of standards such as IEC 62443 into routine audits. Without that discipline, incident response risks becoming improvisation under pressure.


There is also growing external pressure. Insurers are tightening coverage requirements, demanding proof of OT risk management before underwriting cyber policies. Regulators are likewise circling: in both the EU and UK, industrial standards are moving towards mandatory disclosure and stronger compliance regimes. Manufacturers slow to adapt risk not just downtime but regulatory penalties and spiralling insurance costs.

For JLR, the immediate concern is restoring production and re-establishing supply continuity. But for the wider sector, the incident is a case study in how a single cyber event can cascade through an industrial ecosystem. Whether the breach began in IT or OT is ultimately immaterial. Both are now inseparably linked, and both can bring factories to a standstill.


The lesson is as blunt as it is overdue. Production resilience depends on OT resilience. Companies that continue to treat cyber risk as an IT problem will be caught off guard, and their supply chains with them. Those that accept every production line is a potential cyber frontline — and invest accordingly in governance, training, and architectural resilience — will be the ones still operating when the next disruption arrives.
