If the past few weeks have shown us anything, it’s that cyber attackers don’t discriminate.
Whether it’s a car rolling off the line, a pint being poured, or a plane boarding at Heathrow, disruption is the common currency of modern cybercrime.
In September alone, three global names – Jaguar Land Rover, Asahi Group, and Collins Aerospace – each suffered major cyber incidents that brought parts of their operations to a standstill.
Jaguar Land Rover’s entire UK manufacturing network went dark after a system intrusion forced them to shut down production. For a business building more than a thousand vehicles a day, it means millions in lost revenue and a global supply chain grinding to a halt.
A week later, Asahi Group (one of Japan’s largest brewers) reported a cyberattack that crippled domestic shipments and halted production at up to 30 plants. Beer wasn’t the only thing that stopped flowing; customer support, call centres, and logistics all went offline.
Collins Aerospace experienced a breach – ransomware that rippled across European airports, grounding check-in and baggage systems at Heathrow, Brussels, and Berlin. The scene was as obstructive as it gets: passengers stranded, flights cancelled, and paper check-in forms back in play.
Different industries. Different continents. Same exposure.
It’s Not “If,” It’s “When”
These weren’t isolated events. They’re symptoms of a wider truth: the IT/OT boundary has vanished. In manufacturing, energy, transport, and utilities, operational technology is now connected. That connectivity, if not defensible by design, is a liability.
Most breaches start with shared infrastructure – a contractor’s remote access point, a compromised credentials vault, or an unpatched ERP system that quietly connects to production networks. Once attackers are in, they move laterally until something breaks.
So when we talk about cyber resilience, it’s not an abstract principle. It’s the ability to keep the lights on when someone’s trying to turn them off.
That starts with fundamentals:
- Defensible architecture – segmenting IT and OT environments so one can fall without taking the other down.
- Network visibility and monitoring – knowing what’s connected and spotting anomalies before they cascade.
- Secure remote access – especially for vendors and maintenance teams.
- Risk-based vulnerability management – fixing what matters most, not what’s easiest.
- Incident response planning – rehearsed, realistic, and ready to execute.
These are the building blocks. But tools and processes alone won’t save you.
Resilience Is Built by People
Every successful recovery story has a common thread: the people behind it. The engineers who understand the machinery. The architects who know how data flows between systems. The security specialists who can translate risk into action.
That’s the reality we see every day in the talent market. Companies are starting to realise that cyber resilience isn’t something you can buy off the shelf; it’s something you build through teams who get it, who live and breathe the intersection of IT, OT, and safety.
At SR2, we’ve been placing people like that for years – security engineers who came from the plant floor, network architects who understand control loops, CISOs who know how to talk to operations as well as executives.
It’s these people who form the invisible layer between resilience and rupture.
Don’t Cut Corners
If there’s a takeaway from JLR, Asahi, and the airport outages, it’s that cyber risk is operational risk. It’s no longer confined to data loss or reputation. It’s the difference between shipping and shutdown.
And when your operations are your lifeblood, cutting corners isn’t an option.
Now is the time to make sure you have the right architecture – but more importantly, the right people – to protect it.
The next breach is inevitable. The right people aren’t.
