[ad_1]
On September 2, 2025, there was a large-scale cyber attack on the famous luxury car manufacturer Jaguar Land Rover (JLR). It was the second major incident in a year and halted production, disrupting the company’s global operations and affecting plants in the UK, China, Slovakia and India. The attack had a significant impact on hundreds of suppliers, resulting in a reported cost of approximately £196 million.
Threat actors claiming to be “Scattered Lapsus $Hunters” claim to have released sensitive data on the dark web, including alleged internal vehicle logic and test-process information. According to their post, the attacker gained access by stealing employee credentials (reportedly infostealer-harvested credentials dating from 2021) belonging to a JLR user with remote access to the company’s Jira server, and posted a screenshot of the Jira dashboard as “proof.” However, JLR has not publicly confirmed whether those credentials were used or whether the leaked data contains sensitive technical details, only that “some data” was affected.
This raises serious questions about the potential for IP theft, unsecured third-party systems, identity theft, and personalized social engineering campaigns. More importantly, it underlines the urgent need for preventive security such as exposure management to effectively protect sensitive secrets.
The JLR attack was likely an exploitation of the same weakness that allowed attackers to move laterally and cause massive disruption to production and operations. This attack is a clear indicator that organizations need to move beyond traditional vulnerability management, where patches are applied periodically, to understanding what is exposed and prioritizing what is truly exploitable, or what an attacker is most likely to target. This is the difference between reactive security like vulnerability management and preventive, risk-based approaches like risk management.
The huge losses incurred are a clear reminder to all organizations that cyber risk is no longer just a technical issue but a critical risk management task. The financial impact of this attack will be felt for months, if not years. The production halt and supplier crisis following the attack has made it clear that business resilience is directly linked to cyber resilience. Organizations need to be able to clearly measure and communicate their cyber risk in a business context so that leaders can make smarter, more proactive decisions about protecting the keys to the kingdom. Security leaders need exposure management to make strategic decisions that reduce business risk and ensure operational continuity.
Exposure management platforms identify all vulnerabilities and misconfigurations both on-premises and in the cloud. They surface indicators of compromise, excessive permissions, identity risks, toxic combinations, and potential attack paths, helping organizations determine which risks to address first. These platforms understand the specific access requirements for different systems and help restrict access that is not clearly needed. They continuously monitor the environment for drift, minimizing accidental exposure of secrets and other sensitive information.
A preventative approach to security moves organizations away from an endpoint-centric strategy. Endpoint-centric tools alone cannot provide the timing, context, or cross-domain visibility needed in modern security operations. Often, security is viewed as a purely technical aspect. But to successfully mitigate risk, cybersecurity must be extended to business terms. This requires an understanding of the potential impact a given vulnerability, misconfiguration or compromised credential can have on the business and being able to contextualize it for C-level executives who want to know if the business is at risk.
Endpoint-only views lack the cross-domain context and timeliness needed for prevention. Using multiple point solutions for different aspects of security only increases dashboard fatigue, making it harder to integrate remediation workflows into IT systems of record like Jira and ServiceNow.
On the other hand, exposure management provides much-needed context and reduces the time spent identifying which exposures to plug first. This provides IT and security teams the ability to see the entire attack surface. By correlating vulnerabilities across vulnerabilities, identities, cloud environments, applications, and OT, exposure management platforms create a navigable map of the environment with potential attack paths, allowing teams to mitigate the biggest threats to the business. With a unified view of the attack surface, exposure management platforms provide a single source of security data, a consistent approach to risk scoring, and the ability to fix the most critical risks first. This strengthens overall resilience and increases the cost, complexity and effort required for attackers to succeed, thereby establishing a much-needed deterrence.
This article is written by Rajneesh Gupta, MD and Country Manager, Tenable India.
[ad_2]
