The aggregate cost of unplanned downtime for Global 2000 companies has surged to $600-billion annually: a 50% increase in just two years, according to the Splunk research report, The Hidden Costs of Downtime, released by Cisco recently.
For South African enterprises, the regulatory and ransomware pressure points are sharpening.
In partnership with Oxford Economics, the Splunk study shows that the financial toll of an outage is immediate, severe, and potentially long-lasting. Downtime has become a systemic business crisis that threatens revenue, brand equity and shareholder value, costing an organisation $95-million in lost revenue annually. This is nearly twice the level seen in 2024.
“Downtime is inevitable; prolonged disruption is not,” said Kamal Hathi, SVP and GM of Splunk, a Cisco company. “The most resilient organisations are not the ones with the most tools or the biggest vision for AI. They are the ones that align technology with business outcomes, empower people with context, and design systems that bend, but do not break, under pressure.”
The business impact
Technology executives increasingly view the consequences of an outage as more severe. Publicly disclosing a data breach is now considered the most severe hidden cost, with 71% of technology executives rating it as very or prohibitively disruptive, up from 23% in 2024. Downtime also triggers a chain reaction of hidden costs, including:
- Financial and Market Erosion: The study found that the average cost of downtime has reached $15,000 per minute. In addition, organisations see an average 3.4% drop in stock price following a downtime event.
- Customer Churn: Eighty-one percent of technology leaders cite the loss of customers as a consequence of downtime, with 47% admitting customers are often or very often the first to detect service degradation or outages.
- Escalating Ransomware Costs: Ransomware payouts have nearly tripled since 2024, now reaching $40-million on average, making them one of the most significant direct financial burdens.
- Regulatory Exposure: Regulatory fines have reached an average of $51-million per organisation, with 57% of technology executives now viewing these penalties as very or prohibitively disruptive.
- Operational Drag: A staggering 89% of tech leaders cite the need for large numbers of personnel to fix issues. Nearly all (90%) tech leaders report increased demand for customer support with 76% of finance and 74% of marketing executives feeling the pressure as well.
- Brand Recovery: Nearly 20% of marketing professionals report that it takes an entire quarter to recover brand health following remediation.
Intersection of security and downtime
About one-third (36%) of security leaders admit that downtime is often or very often misclassified as an IT issue, which can give attackers a critical head start. A lack of shared context complicates resolution, as only 38% of technology executives report consistently identifying the root cause of a downtime incident. The perceived frequency of cybersecurity-related downtime caused by SaaS and other third-party application issues has nearly tripled since 2024, with 56% of security leaders now experiencing these issues often or very often. Maintaining basic cyber hygiene and modernizing legacy infrastructure to replace outdated, unpatchable technology remain foundational to preventing unplanned downtime.
Evolving role of AI
Organisations are increasingly turning to AI to enhance incident triage and root cause analysis, with a median annual spend of $24.5-million on AI tools that prevent and respond to downtime. As these technologies mature, the industry is shifting toward a model of human-to-agent collaboration, where AI serves the expert rather than replacing human oversight. This approach relies on machine data, the logs, metrics, and traces that allow teams to monitor AI actions, detect issues early, and correct course before minor errors escalate into full-scale outages.
The data reveals that organisations identified as “AI Workflow and Triage Experts,” are significantly better equipped to avoid the most damaging outcomes of downtime:
- Higher resilience for AI experts: 74% of these experts avoided the need to publicly disclose a data breach last year, compared to just 54% of non-experts.
- Customer retention: These expert organisations are nearly three times more likely to report that they have never lost customers due to downtime (42% versus 15% for non-experts).
Despite the clear benefits, the transition to autonomous systems is not without challenges. While 56% of users report that AI has reduced their overall risk, every technology leader surveyed admitted their organization has experienced some form of AI-related downtime. 68% of technology leaders express concern their AI agents will behave unpredictably, underscoring the need for robust governance and human-in-the-loop oversight that defines true digital resilience.
Building true resilience
Technology executives increasingly recognise the need to visualise the entire digital dependency chain. In fact, among organisations with the lowest downtime costs, a massive 98% confirm that end-to-end visibility is very or extremely important for reducing incidents. Nevertheless, complete visibility remains rare across IT domains, prompting organisations to shift their investment strategies toward more proactive, data-driven foundations:
- Prioritising observability: About three-fourths of ITOps and engineering leaders identify end-to-end observability as their top investment priority to improve infrastructure resilience, taking precedence over traditional hardware or data centre upgrades.
- Automating to reduce human error: 66% of ITOps and engineering leaders are prioritizing investments in automation to mitigate the risks of human error, which remains the leading cause of downtime across the technology stack.
- Targeting AI investments: Organisations are focusing their AI budgets on high-impact areas, with 85% of technology leaders prioritizing AI-driven security automation and 65% investing in AI-powered observability to gain deeper, real-time insights into their digital ecosystems.
- For more details on the report, visit the Splunk website.