The real issue is not customer data, it’s keeping the business competitive.

‘The data loss at Jaguar Land Rover is like being punched in the face and having your legs broken’. Prof Ciaran Martin the former boss of the National Cyber Security Centre (NCSC),

Prof. Martin says: ‘The loss of customer information is like someone breaking into your home when you are out and photocopying your bank statements’, that is customer data loss isn’t really the issue for a company like JLR.

The law tells companies to protect customer data as the number one priority but securing a firm’s operation and competitive edge is more important.

Many companies are so focused on GDPR compliance and protecting personal data that they overlook the far more valuable assets at risk: their crown jewel intangible assets—like trade secrets, proprietary algorithms, customer insights, product roadmaps, and strategic know-how.

Misalignment.

– Regulatory Pressure. GDPR laws impose heavy fines, so companies prioritise compliance over strategic asset protection.

– IT-Led Security Focus. Cybersecurity teams often focus on protecting systems and personal data, not business-critical knowledge or trade secrets.

– Lack of Asset Visibility. Many firms don’t even know what their most valuable intangible assets are, let alone how to protect them.

So what’s Really Happening?

The Most Valuable Assets Are Often Expropriated Silently By Insiders, Competitors, Or Even Through Careless Collaboration, But Without Triggering Alarms.

Think:

– Trade secrets (e.g. formulas, processes, designs).

– Data-derived insights (e.g. customer segmentation, pricing models).

– AI/ML models and training data.

– Strategic plans and M&A targets.

– Supplier and partner intelligence