Continuity and care: Gi Group provides advice for HR professionals during cyberattacks

According to the latest UK Government’s 2025 Cyber Security Breaches Survey, four in 10 businesses reported having experienced a kind of cybersecurity breach or attack. Operations Director at one of the UK’s leading recruitment & HR specialists Gi Group, Andy Carpenter, and Gi Group UK Group Head of People, Cindy Gunn, share what actions businesses can take when operations are scaled back or shutdown altogether, and how to support the workforce.

Cyberattacks have the potential to be hugely disruptive to business operations, as seen by Jaguar Land Rover’s major cyberattack in August, which led to a halt in production and £1.9 billion in financial losses – the most economically damaging cyberevent in UK history. When such instances occur, frontline workers often face nervous waits as to how long they may be without work for, however Gi Group’s Andy Carpenter (pictured) says working with the client to find temporary resolutions is vital.

“When there is any form of disruption to the day-to-day running of a company, especially in instances of cyberattack, we always want to ensure that the workforce is not left in limbo and without any form of payment. We’ve worked closely with clients to try and find a solution, such as offering interim payments to the workforce. We were transparent about it with the staff, explaining that the payment would have to be paid back in some form – be that overtime in the future or a payment plan. They are not obliged to take it, but it’s absolutely necessary for everyone to have this option so that they can still pay their bills and afford necessities during a difficult time.”

Instances also exist where production will be scaled back, if the cyberattack is less severe. This may require automated processes being done manually. The slow down in production is damaging, but with the right and flexible workforce it still means orders can be met.

“In a scenario like this, the focus is often juggling the hours on offer to the workforce,” says Andy. “You want to make sure there is an even amount of work still being distributed to workers despite the reduced volume and drop in workforce requirements, which is why we advise implementing rotational schedules. This means that some staff may get around three or four days of work per person, and while not ideal it helps workers maintain a reasonable income in spite of the circumstances.”

While operations play a vital role in managing cybersecurity breaches, employees remain a business’s most valuable asset. It’s essential they are well-educated about cyberthreats and fully supported in the event of an incident – a responsibility where HR plays a crucial role.

According to the latest report from the UK Government, phishing was one of the most prevalent causes of cyber attacks, affecting 85% of businesses.

Cindy Gunn of Gi Group UK says that providing staff with cybersecurity awareness training as part of their onboarding process is critical to preventing breaches from occurring.

“Employees are our first line of defence against cyber security threats and it is essential that they receive the correct training and support. We’ll never expect them to be aware of every potential risk, but we’re committed to making sure they have that knowledge to prevent possible breaches. We’re also focused on building an open, two-way communication with employees. Whether someone spots an email they believe looks suspicious or if they have any queries on creating a stronger password, we aim to create an environment where everyone feels comfortable reaching out.”

In 2023, an employees’ weak password led to the destruction of a 158-year-old transport company, KNP, as it allowed hackers to gain access and lock the firms’ internal systems, leaving over 700 people out of work.

 

Adds Cindy: “HR not only plays a critical role in ensuring that staff have the appropriate training, but we also play a major part in supporting employees when a breach does happen. First of all, we maintain an internal transparent line of communication with team members within the boundaries of what can legally and contractually be shared, as the last thing we want is for anyone to be confused or unsure about what has happened.

“We also understand that a cyberattack can have a detrimental effect on the mental health of employees, especially if hackers have managed to acquire sensitive data or our business needs to temporarily stop operations. Our department will be responsible for making sure that mental health support is available and that we’re having regular check-ins with employees to answer any questions they might have and provide reassurance.”

Gi Group UK is headquartered in Chesterfield in the Midlands. Parented by Gi Group Holding, Gi Group UK employs close to 240 people and in 2025 is proud to serve more than 1800 clients across sectors that include industrial, engineering and automotive.