Silly me. I long assumed GM’s Mary Barra and Ford’s Jim Farley were the undisputed incompetents of the auto world. Barra raked in $29 million last year while running GM into the ground. Farley pocketed $25 million to preside over Ford’s recall parade. By comparison, Adrian Mardell, the $4.5 million–a–year CEO of Jaguar Land Rover, delivers far more bang-for-the-buck in corporate bungling.
The U.K. is facing an automotive crisis of historic proportions because Jaguar Land Rover—Britain’s largest carmaker—can’t build a single vehicle at its factories in England, Slovakia, Brazil, or India. A Chinese joint venture is said to be still curiously limping along, but everywhere else the assembly lines are halted. Why? Because JLR’s much-vaunted “smart” factories collapsed after a late-August cyberattack, and no one knows when production will resume. Speculation has the shutdown dragging into November.
That’s not the full extent of JLR’s mounting disaster. JLR reportedly has no cyber insurance. I kid you not. While the company was negotiating a policy, it never finalized it. That’s like driving without insurance — something I’d never risk.
Jaguar under Mardell had already become synonymous with poor judgment. The company’s rebranding last year ditched its James Bond heritage for a campaign with androgynous models in neon costumes flashing slogans like “create exuberant,” “live vivid,” “delete ordinary,” and “break molds.” It was as baffling as it was brand-destroying. These days when I see a Jaguar, I think Bud Light.
Therein perhaps is the danger of putting an accountant in charge of a storied luxury brand.
The fallout: about 30,000 employees sit idle, and some 100,000 more in the supply chain are gasping. Many only exist to serve JLR; if they collapse, the ripple will devastate entire communities. Talk of a government bailout is already in the air.
“Smart Factory”
Jaguar Land Rover’s “smart factory” revolution was supposed to be the crown jewel of Mardell’s much ballyhooed Reimagine strategy. In partnership with India-based Tata Consultancy Services (TCS), JLR poured hundreds of millions into turning design, supply, assembly, quality control, and delivery into one tightly orchestrated digital ecosystem.
Sensors, AI, cloud platforms, and SAP systems all synced in real time. That meant fewer delays, fewer mismatched parts, and the ability to reconfigure production on the fly. One supplier even claimed the system was “more complex than NASA putting a spacecraft into space.” The NASA comparison was apt, given how the government-owned space arm has had its lunch eaten by Elon Musk’s SpaceX.
Unfortunately, when hackers breached JLR’s integrated wizardry, there were no isolation zones. Everything was too tightly coupled. The connectivity that was supposed to be JLR’s competitive edge turned into its Achilles’ heel.
Outsourced cybersecurity
In another instance of questionable judgment, Mardell outsourced JLR’s cybersecurity—the most critical function in a digital age—to TCS. That meant his contractor was both architect and gatekeeper. JLR sacrificed direct control, slowed its response capability, and hollowed out its internal expertise. Worse, TCS has been implicated in previous major hacks involving British retail giants like M&S and the Co-op. A security guard whose clients are repeatedly ransacked hardly inspires confidence.
Nor does the bigger picture. India-based IT firms wouldn’t be my first choice to protect a complex global business. A recent survey found 99% of India-based organizations suffered data-loss incidents in 2024, while another reported 72% were hit by AI-powered cyberattacks in the past year. Meanwhile, only 7% of companies in India are considered cybersecurity-ready under industry benchmarks. Entrusting the crown jewels of Britain’s largest automaker to a partner in one of the world’s most digitally besieged environments wasn’t bold strategy. It was begging for trouble.
And it’s not just a British problem. TCS and its Bangalore-based rival Infosys count many of America’s biggest corporations—banks, airlines, retailers, insurers—among their clients. Those same industries have suffered repeated hacks and data breaches in recent years, yet their boards continue to entrust critical systems to offshore-based contractors in the name of “efficiency.”
Silicon Valley, meanwhile, eagerly imports thousands of Indian engineers, touting their supposedly superior IT expertise. Elon Musk, never shy about stirring the pot, has publicly said America benefits greatly from India’s talent.
If Indian outsourcing giants are delivering “world-class” protection, the world’s hackers must be laughing all the way to the darknet.
CEOs Aren’t Worried
American CEOs aren’t terribly alarmed — nor are they willing to invest heavily to protect their businesses. They aren’t incentivized to.
Delta Air Lines, which fancies itself a premium carrier, suffered a major IT breach last year that forced it to cancel more than 7,000 flights and stranded 1.3 million passengers, some for days. Travelers slept on airport floors, missed weddings, funerals, and vacations, and watched their “premium” airline melt down in real time.
No skin off CEO Ed Bastian’s back — he pocketed $25 million in 2024 and still jetted off to France for the Olympics while passengers slept on cots. Delta wasn’t even hit with Department of Transportation fines.
The airline tried shifting the blame to its cybersecurity contractor, but Microsoft and the contractor pointed to Delta’s antiquated IT network — a charge echoed by Delta’s unions.
America’s CEOs still don’t seem particularly alarmed by cybersecurity risks. Gartner projects companies will spend $212 billion globally on cybersecurity this year. By contrast, U.S. public corporations are expected to splurge some $1.1 trillion on stock buybacks this year — which do nothing to protect customers or strengthen resilience but work wonders for enriching CEOs whose pay is tethered to the stock price.
Corporate Lifer
And that brings us back to Adrian Mardell. He’s no corporate interloper parachuted in from the outside. He’s an accountant by training who joined Jaguar Land Rover in 1990 and has spent 35 years climbing the ranks. Known in his early days as a quiet numbers man, he became CFO in 2019 and then interim CEO in 2022 when Thierry Bolloré abruptly stepped down. By mid-2023, he was confirmed as the permanent chief on a three-year contract.
For a while, the narrative was tidy. Mardell’s Reimagine strategy — selling fewer cars at higher margins, electrifying Jaguar by 2026, and streamlining debt — produced 10 straight profitable quarters. He cleared JLR’s automotive debt, restored cash flow, and was feted as the steady hand who pulled the Tata-owned automaker back from the financial brink.
Mardell also presided over Jaguar’s disastrous “woke” rebranding, a minimalist identity shift that jettisoned the iconic leaper logo and alienated loyalists. Elon Musk was among those who mocked the move — and he’s hardly a model brand guardian of Tesla. What was meant to refresh a storied marque looked more like a tone-deaf branding exercise that stripped Jaguar of its soul.
Fortunately for Mardell, he had already announced plans to retire at the end of this year so he can avoid the humiliation of getting sacked. Despite his years of dedicated and often stellar service, he risks being remembered not for financial discipline but for presiding over one of the most corporate cyber debacles in U.K. industrial history.
It’s a cruel irony. The accountant who prided himself on risk management and financial prudence exits not with a reputation for steady stewardship, but as the architect of “smart factories” that couldn’t readily survive a hack.
JLR’s meltdown is a humiliating defeat for England, birthplace of the Industrial Revolution. The country once ruled the seas. Today it can’t even control its servers. Little wonder Britannia no longer rules the waves.