Human Error at the Core of Cyber Resilience Challenges

Recent cyber incidents at M&S and JLR highlight the critical role of human behavior in cybersecurity.

Andrew Wallace


Professional Tech Editor

Focuses on professional-grade hardware, software, and enterprise solutions.

Recent cyber incidents at Marks & Spencer (M&S) and Jaguar Land Rover (JLR) underscore the pivotal role of human behavior in cybersecurity. These events reveal a paradox where employees are both the strongest and weakest links in the security chain.

M&S Cyber Incident

In April 2025, M&S experienced significant disruptions due to a ransomware attack initiated through social engineering tactics, including phishing and business email compromise. The breach led to the closure of its online store for nearly seven weeks, resulting in an estimated £300 million loss. The attack was attributed to the 'Scattered Spider' group, a splinter faction of the notorious Lapsus$ hacking collective. (en.wikipedia.org)

JLR Cyberattack

Similarly, JLR faced a severe cyberattack in August 2025, leading to a five-week production halt across its UK manufacturing sites. The attack, believed to be the most damaging in UK history, had an estimated economic impact of £1.9 billion. The incident disrupted not only JLR's operations but also affected over 5,000 UK organizations, highlighting the extensive reach of such cyber threats. (am-online.com)

The Human Element in Cybersecurity

These incidents highlight the critical role of human behavior in cybersecurity. While technical controls are essential, they can only go so far without a strong security culture. Employees must be well-informed and vigilant to recognize and respond to suspicious activities promptly. A proactive approach, where employees feel comfortable reporting potential threats without fear of blame, is crucial in mitigating risks.

The Need for a Cultural Shift

Addressing human error in cybersecurity requires a cultural shift within organizations. Traditional, passive training methods are insufficient. Instead, fostering an environment where secure behavior becomes the default is essential. Employees should understand not only what actions to avoid but also why their decisions matter in the broader context of organizational security.

Conclusion

The cyber incidents at M&S and JLR serve as stark reminders of the vulnerabilities inherent in human behavior. Organizations must invest in comprehensive training, cultivate a security-conscious culture, and implement robust technical measures to enhance their cyber resilience. By addressing the human element, companies can better defend against the evolving landscape of cyber threats.
