When Jaguar Land Rover got hit by a cyber attack this summer, everything stopped. Factories went silent, systems went down, and staff were sent home while chaos rippled through the supply chain. It was the kind of outage you’d expect from a movie, not a world-class carmaker.

Then came the twist: JLR reportedly didn’t have its cyber insurance finalised. They were still sorting the paperwork when hackers decided to test their luck. Talk about timing ?

The government ended up stepping in with a £1.5 billion loan guarantee to help stabilise things, basically pulling JLR out of the mud and keeping the wheels turning. It was a good save, but it raises a big question... how did it get to that point in the first place?

The Insurance That Wasn’t There

Cyber insurance is meant to be the safety net for exactly this sort of thing. When your systems crash and everything grinds to a halt, it’s supposed to soften the blow; helping with downtime costs, recovery, legal fees, and all the messy fallout that comes with a breach.

For JLR, that kind of cover could have made a world of difference. But insurance doesn’t work on “almost signed”. It’s one of those things that only helps if you’ve got it before you need it. Once the damage is done, it’s too late to call your broker.

Why Cyber Insurance Has Become a Headache

Cyber insurance used to be pretty simple. Pay the premium, get the cover, sleep easier at night. Not anymore.

Premiums are rising, conditions are getting tighter, and insurers are asking way more questions before they even think about covering you. They want proof that you’re serious about cyber security: proper backups, staff training, tested response plans, and up-to-date protection.

Even then, claims can get complicated. After the NotPetya attacks in 2017, companies like Maersk, Mondelez and Merck were dragged into legal battles because insurers argued it was an “act of war”. Translation: not covered. Those cases changed the way the industry thinks about cyber risk... and not in a good way.

What Businesses Can Learn From JLR

If there’s one clear takeaway from this mess, it’s that cyber insurance can’t be an afterthought. It’s part of staying operational when the worst happens, not just about ticking a compliance box

A few lessons worth remembering:

• Get it sorted early. Cyber insurance isn’t something to leave half-done. If you’re between policies when something hits, you’re on your own.
• Know what you’re paying for. Every policy is different. Some cover ransomware, others don’t. Some pay for downtime, others call it your problem. Read it properly or better yet, get someone who understands it to explain it.
• Keep your security tight. You can’t just buy a policy and hope for the best. Insurers want proof that you’ve done the basics — and if you haven’t, they won’t pay up.
• Think beyond your own walls. JLR’s suppliers got caught in the fallout. If your business depends on others, make sure your protection does too.

The Bigger Picture

The UK’s National Cyber Security Centre keeps warning that ransomware groups are changing tactics. They’re not just hitting single companies anymore; they’re targeting entire supply chains.

That makes cyber insurance more important than ever, but also trickier. It’s not just a piece of paper that pays out when things go wrong. It’s part of your wider resilience strategy.

The JLR attack will go down as one of those industry-defining moments, the sort that makes everyone else quietly check whether their cover is actually active.

Final Thought

Of course, cyber insurance won’t stop an attack, but it can stop one from ruining you. JLR’s situation shows what happens when timing, risk and paperwork don’t line up. For the rest of us, it’s simple: get covered, stay secure, and don’t assume you’ll never be a target.