The impact of Jaguar Land Rover’s crippling cyberattack went far beyond the carmaker’s own walls. Parts suppliers, “many of them small and financially fragile,” felt the sting when JLR had to temporarily halt operations in September, the Wall Street Journal reported. The Cyber Monitoring Centre, a UK-based nonprofit, estimated the incident ultimately impacted more than 5,000 companies to the tune of £1.9 billion.
It was the latest high-profile reminder that third-party cyber risk is real, and it can be disruptive and costly, as CFO Brew previously reported. We recently spoke with Mario Paez, national cyber risk leader at insurance broker Marsh McLennan Agency, about third-party risks, and what finance leaders can do to manage them.
This interview has been edited for length and clarity.
What went through your mind when you heard about the JLR incident?
There are a lot of similar types of incidents where we see an outage caused by a security event or a system failure event, such as an unintentional or unplanned outage, and the ripple effect that it has across clients, vendors, partners, [and] supply chains. Those ecosystems are very interconnected, and when there is an…
