Counting the hidden costs of downtime 

Splunk’s James Hodge unpicks the $400B problem facing the world’s largest companies 

In business, disruption is inevitable. Every company is going to face unplanned downtime. And the organisations that bounce back the quickest will usually be those that have built a solid foundation of digital resilience. 

However, the true financial impact and nature of downtime may not always be obvious to companies. To build a more complete picture of this potential impact, Splunk partnered with Oxford Economics to question the Global 2000 companies on how often they experienced downtime, how they dealt with it, and how they measured the cost of it.

This Cost of Downtime report has revealed that IT downtime costs these businesses a staggering $400 billion annually. That’s $200 million per company, per year - or nine percent of their profits wiped out.

More to downtime than meets the eye 

Unplanned outages can generate substantial direct costs, which are usually fairly clear and measurable. Examples might include lost revenue, regulatory fines, ransomware payouts, missed SLA penalties and overtime wages paid to staff tasked with correcting issues.

But the full consequences go far beyond these immediate financial costs. Teams might shift from high-value innovation to low-level firefighting. Productivity might go down, time-to-market may slow, and competitive positions and brand reputation might be damaged. 

Our data also shows that organisations can expect their stock price to drop between one and nine percent after a single downtime event - and then take an average of 79 days to recover. It’s not much of a leap to see that these and other hidden costs could easily amount to more than $200 million annually for a single company. 

Tackling the primary causes of downtime 

Understanding the most common causes can help companies manage incident response and prevent recurrences. According to survey respondents, system outages boil down to two key factors: 56 percent stem from security incidents such as phishing attacks, and 44 percent from application or infrastructure issues.

In both cases, human error - such as misconfiguring software - is a key culprit and tough to remediate.

We found that approximately 10 percent of companies qualify as what we would call ‘resilience leaders’, being more resilient than the majority, experiencing less downtime, lower total direct costs and minimal hidden costs.

Their secret? Perhaps unsurprisingly, when compared to other respondents, ‘resilience leaders’ on average spend around $12M more on cybersecurity tools and around $2.4M more on observability tools each year.

They are also more mature in their adoption of generative AI, expanding their use of embedded generative AI features in existing tools four times faster than other organisations. 

Five steps to strengthen your resilience 

It would be unrealistic to expect all companies to become resilience leaders overnight. However, with the potential costs of downtime in mind, it’s clearly important to address. There are five key steps companies can take to build their resilience over time: 

Have a robust ‘downtime plan’ to deal with outages. Instrumenting every app, following a runbook for outages, and identifying owning engineers is good corporate hygiene. To strengthen your plan, perform regular exercises with SecOps, ITOps, and engineering teams to practise and verify responses to unplanned events.  

Always conduct a postmortem when something goes wrong, and learn from it. To prevent repeat occurrences, it is critical to carry out Root Cause Analysis. Invest in observability tooling and integrate data from across your environment into one centralised location.  

Prioritise data governance. A clear data governance policy can support resilience by protecting against data shocks, ensuring compliance, enhancing security, and building trust. These factors collectively strengthen an organisation’s ability to withstand and recover from potential security threats.  

Connect your teams and tools. Complete visibility across SecOps, ITOps and engineering is critical. Teams that share tools, data, and context will have an easier time collaborating, fixing the problem, and identifying the root cause, allowing you to get back up and running quicker. 

Take a proactive approach - prevent rather than repair. Getting ahead of issues is a cornerstone of digital resilience. Empower your SecOps, ITOps and engineering teams with a proactive and collaborative downtime prevention programme and invest in the right tools. AI- and ML-enabled predictive analytics solutions can help spot problems and anticipate downtime before it occurs. 

Putting the brakes on downtime 

Downtime is not only expensive, but also undermines the confidence and reputation companies build over years. Restoring this trust takes both time and money.

The economic and reputational impacts of downtime should have every board member and technology leader making digital resilience a priority. 

James Hodge is Splunk’s GVP and Chief Strategy Advisor

Main image courtesy of iStockPhoto.com and PeopleImages