$400b loss for 2,000 firms after 'unavoidable' cyber attacks
Splunk, working alongside Oxford Economics, has released a new report titled 'The Hidden Costs of Downtime,' which sheds light on the significant financial and operational impact of unplanned downtime.
According to the report, the 2,000 companies incur an estimated $400 billion in costs annually due to unexpected failures in digital environments, amounting to 9% of their profits. The analysis underlines that the repercussions of downtime extend beyond immediate financial losses, affecting shareholder value, brand reputation, innovation, and customer trust.
The survey covered 2,000 executives from the world's largest companies, offering insights into the direct and hidden costs associated with unplanned downtime.
Direct costs, such as lost revenue, regulatory fines, missed SLA penalties, and overtime wages, are often straightforward and measurable.
Meanwhile, hidden costs, including diminished shareholder value, reduced developer productivity, delayed time-to-market, and tarnished brand reputation, are less tangible but equally detrimental over time.
One of the key findings of the report is the breakdown of where downtime originates. Security incidents, such as phishing attacks, account for 56% of downtime incidents, while application or infrastructure issues like software failures make up 44%. Human error has been identified as the leading cause in both scenarios.
President of Go-to-Market, Cisco & GM and Splunk, Gary Steele, emphasised the unavoidable nature of business disruptions and the importance of resilience.
"Disruption in business is unavoidable," he stressed. "When digital systems fail unexpectedly, companies not only lose substantial revenue and risk facing regulatory fines, they also lose customer trust and reputation. How an organisation reacts, adapts, and evolves to disruption is what sets it apart as a leader."
"A foundational building block for a resilient enterprise is a unified approach to security and observability to quickly detect and fix problems across their entire digital footprint."
The report highlights the existence of resilience leaders - an elite group of companies that manage to bounce back faster from downtime.
These resilience leaders, constituting the top 10% of surveyed organisations, experience less downtime, incur lower total direct costs, and face minimal impact from hidden costs. They are also noted for their advanced adoption of generative AI, utilising embedded AI features in existing tools at a rate four times higher than other organisations.
The financial implications of downtime are significant and varied. Lost revenue tops the list, with an average annual loss of $49m, taking approximately 75 days to recover.
Regulatory fines and missed SLA penalties follow, averaging $22m and $16m each year respectively. Additionally, ransomware and extortion payouts cost organisations an average of $19m annually, with 67% of CFOs recommending payment to attackers either directly, through insurance, or via a third party.
The hidden costs of downtime further strain businesses. A 9% drop in stock price can be expected following a single incident, with an average recovery time of 79 days. Downtime also impacts innovation, with 74% of technology executives reporting delayed time-to-market and 64% noting stagnant developer productivity. Customer trust is eroded, as 41% of tech executives admit customers are often the first to detect downtime, and 40% of Chief Marketing Officers (CMOs) acknowledge it impacts customer lifetime value and partner relationships.
Regionally, the cost of downtime varies.
U.S. companies face the highest average annual cost at $256m, followed by Europe at $198m and the Asia-Pacific region (APAC) at $187m. Strict regulatory policies and digital infrastructure demands contribute to these variations, with European organisations incurring higher overtime wages and recovery costs from backups. Recovery times also differ geographically, with Europe and APAC experiencing longer recovery periods compared to faster recoveries in Africa and the Middle East.
Senior Research Director, Cloud Data Management of IDC Europe, Archana Venkatraman, stressed the importance of a unified approach to security and observability.
"For organisations with digital ambition, downtime is unacceptable. Downtime is not only costly, it erodes trust with key stakeholders like customers, shareholders, partners, employees and more importantly, rebuilding that trust and confidence takes time and resources."
"It's clear that the recipe for digital resiliency and bouncing back quicker from downtime is embracing a unified approach to security and observability. Splunk's unified platform empowers customers to identify and resolve problems rapidly and embed resiliency."
The resilience leaders identified in the report demonstrate specific strategies and traits that contribute to their resilience, including substantial investments in security and observability tools, with an additional $12m spent on cybersecurity and $2.4m on observability compared to other organisations.
Their mature adoption of generative AI enables faster recovery from downtime, with a 28% faster mean time to recover (MTTR) from application or infrastructure-related incidents and a 23% faster recovery from cybersecurity incidents. Furthermore, resilience leaders manage to mitigate the impacts of hidden costs, reporting minimal to no damage, in stark contrast to the majority of organisations that experience moderate to severe impacts.
CISO and privacy officer at the University of Illinois Chicago, Shefali Mookencherry, highlighted the broader implications of downtime beyond financial losses.
"Unplanned downtime for any organisation can pose significant financial challenges and negatively impact corporate reputations," she said.
"For higher education institutions, downtime can disrupt critical academic and administrative functions, impacting everything from student services to research activities."
Mookencherry added: "The repercussions extend beyond immediate financial losses to long-term effects on institutional reputation and stakeholder trust."
"As CISOs, no matter what industry, we must adopt a proactive and integrated approach to cybersecurity and observability to minimise these risks and ensure the continuity of our mission."