The smallest mistake can lead to monumental consequences when it comes to cyber security.
“The hidden cost of downtime”— recent report from Splunk, in collaboration with Oxford Economics—sheds light on the staggering economic cost of downtime to Global 2000 companies, estimated at $400 billion annually. But beyond the mind-numbing numbers, this report also reveals a deeper issue: the significant impact of human error and how artificial intelligence and automation can provide a solution.
The financial burden of downtime
Downtime is more than just an inconvenience. it is a huge financial burden. According to the report, the direct costs of downtime include lost revenue, regulatory fines and penalties for missed service level agreements (SLAs). On average, companies lose $49 million in revenue each year due to downtime, with an additional $22 million in regulatory fines and $16 million in SLA penalties. However, these figures only scratch the surface.
Archana Venkatramansenior research director for cloud data management at IDC Europe, said: “For organizations with a digital ambition, downtime is unacceptable.”
I met with Jason Lee, Splunk’s CISO, during Splunk’s recent .conf24 conference in Las Vegas. We talked about how detecting and responding to a security incident may seem like the end of the incident, but in many ways it’s only the first in a series of consequences for the organization. He explained that downtime isn’t just about the immediate loss of revenue. It is also about long-term damage to shareholder value, brand reputation and customer trust.
That sentiment echoes throughout the report, which describes how hidden costs—such as reduced shareholder value, stagnant developer productivity, and delayed time to market—can be just as crippling as direct financial losses.
The hidden cost: reputation and recovery
One of the most alarming findings is the average time to recover from an outage incident: 79 days. During this time, companies not only work to restore their systems, but also have to rebuild their brand and reassure customers and partners of their reliability. “The cost of recovery is not just financial. It’s about regaining the trust and confidence of your customers and stakeholders,” Lee stressed.
The report reveals that 41% of technology executives admit that their customers are often the first to spot outages. This not only affects customer loyalty, but also damages public perception. For Chief Marketing Officers, downtime can significantly impact customer lifetime value and reseller or partner relationships.
Human error: The leading cause of downtime
A staggering 56% of outages are due to security issues, with human error being the main culprit. From phishing attacks to configuration errors, the role of human error cannot be overstated. “Human error is a major factor. It’s not just about malicious attacks; it’s about everyday mistakes that can have serious consequences,” Lee explained.
The prevalence of human error in security incidents highlights the need for better solutions to mitigate these risks. Lee shared an insightful perspective: “When you think about downtime, the 56% focused on safety is not surprising. What is surprising is that human error remains the leading cause. Automating more processes can help reduce that of errors and improving the overall security posture.”
The promise of artificial intelligence and automation
The solution to reducing downtime and associated costs may lie in artificial intelligence and automation.
The Splunk report highlights how resiliency leaders—the companies that recover from downtime the fastest—are investing heavily in cybersecurity and observability tools. These organizations are also more advanced in their adoption of genetic artificial intelligence, using these technologies to automate routine tasks and reduce human error.
Lee is optimistic about the potential of artificial intelligence and automation: “Automation can handle repetitive tasks, allowing human experts to focus on more strategic issues. This not only improves efficiency but also reduces the possibility of errors.” He also pointed out that genetic AI can help identify and address vulnerabilities before they lead to outages.
In practice, automation can streamline responses to common security threats. For example, automated phishing response systems can detect and remove malicious emails from all users’ inboxes simultaneously, minimizing the risk of human error. “There are opportunities to automate many aspects of security. Customers often don’t fully realize the capabilities of these tools,” Lee noted.
Building a resilient future
For companies aiming to minimize downtime and associated costs, the way forward is clear: invest in automation and artificial intelligence. These technologies not only enhance security but also improve overall business resilience. Lee noted that companies that invest in business continuity, resilience and cyber security do better across all metrics.
Venkatraman noted, “It’s clear that the recipe for digital resilience and faster recovery from downtime includes an integrated approach to security and observability.”
Preventing unnecessary breaks
The overriding theme of my conversation with Jason Lee was that the key to resilience is not just preventing incidents but preparing to recover quickly and effectively when they do occur.
The story of downtime is one with significant financial implications and hidden costs. But it is also a story of opportunity. By embracing artificial intelligence and automation, companies can mitigate human error and build a more resilient future.