The fall of a digital service is no longer just a technical issue confined to the IT department. Every minute without service impacts revenue, customers, reputation, regulatory compliance, and stock market value. The latest research by Splunk, a Cisco company, quantifies this reality: the total annual cost of unplanned downtime for Global 2000 companies now reaches $600 billion, 50% more than just two years ago.
This study, conducted together with Oxford Economics based on surveys of 2,000 executives from major companies across 20 countries, describes a fundamental shift. Digital availability has become a business matter, not just an infrastructure concern. A prolonged outage can lead to lost sales, customer attrition, regulatory fines, support costs, ransomware payments, and brand erosion that doesn’t recover in days.
When a outage stops being “a systems problem”
According to the report, an organization loses an average of $95 million per year due to unplanned disruptions—almost double the amount in 2024. The average cost of downtime now stands at $15,000 per minute. These figures vary by sector and company size but highlight the magnitude of the issue in an environment where nearly all critical processes depend on applications, APIs, public clouds, SaaS, networks, identity systems, and data platforms.
The impact doesn’t end when services are restored. Cisco and Splunk note that companies typically suffer an average 3.4% drop in stock price following a downtime event. Simultaneously, 81% of tech leaders cite customer loss as a consequence of disruptions, and a particularly uncomfortable data point: 47% admit that, often or very often, it’s the customers themselves who first detect service degradations or outages.
| Splunk/Cisco Report Indicator | Data |
|---|---|
| Annual added cost of downtime in Global 2000 | $600 billion |
| Increase compared to 2024 | 50% |
| Average annual revenue loss per organization | $95 million |
| Average cost per minute of downtime | $15,000 |
| Average stock decline after an event | 3.4% |
| Executives citing customer loss as a consequence | 81% |
| Clients detecting degradations or outages earlier, per tech leaders | 47% |
| Average ransomware payment cost | $40 million |
| Average regulatory fines per organization | $51 million |
The business takeaway is clear: digital resilience can no longer be measured solely by technical uptime. An application might go back online, but the commercial, financial, and reputational damage can linger for weeks. In fact, nearly 20% of marketing professionals surveyed say that restoring brand health after an outage can take a full quarter.
Security, ransomware, and technological debt
The report also shows that the line between security and availability is blurring. 36% of security leaders admit that downtime is often classified as an IT problem—a confusion that can give attackers an advantage if the outage is caused by an intrusion, a ransomware attack, or abuse of third-party services.
The lack of shared context complicates the response. Only 38% of tech executives consistently identify the root cause of a downtime incident. In hybrid and multi-cloud environments—with SaaS applications, third-party integrations, and system dependencies—finding the exact origin of an outage can be as challenging as resolving it.
Ransomware emerges as one of the most direct costs. Average payments have nearly tripled since 2024, reaching $40 million. Regulatory fines, averaging $51 million per organization, add to the costs. The damage isn’t just from ransom payments or service interruptions; it also stems from potential breaches of security, privacy, operational continuity, or notification obligations.
Technological debt worsens the problem. Legacy infrastructure, unpatched systems, siloed tools, lack of visibility, and manual processes increase failure likelihood and prolong recovery times. In a digital business, each minute spent diagnosing the issue increases the cost.
AI helps but also introduces new risks
Companies are turning to artificial intelligence to improve incident response. The report indicates that organizations spend a median of $24.5 million annually on AI tools aimed at preventing or responding to downtime. The most common uses are incident triage, root cause analysis, security automation, and observability.
The most mature approach doesn’t replace human teams but fosters collaboration between people and AI agents. AI can analyze logs, metrics, and traces quickly, detect anomalies, prioritize alerts, and suggest actions. However, it still requires supervision, business context, and clear boundaries. The study notes that 68% of tech leaders are concerned about the unpredictable behavior of their AI agents.
The paradox is evident: 56% of users say AI has reduced their overall risk, but all surveyed tech leaders acknowledge their organization has experienced some form of AI-related downtime. This does not diminish AI’s utility but confirms it introduces a new critical dependency. If an automated agent responds erroneously, misinterprets a signal, or acts without sufficient governance, it can accelerate an incident rather than prevent it.
Organizations classified by Splunk as experts in AI-driven workflows and triage show better results. 74% avoided having to publicly disclose a data breach last year, compared to 54% of non-expert organizations. Additionally, these organizations are nearly three times more likely to report never losing clients due to downtime—42% versus 15%.
Observability becomes a business priority
One of the most compelling messages from the report is the need to see the entire digital dependency chain. Among organizations with lower downtime costs, 98% consider end-to-end visibility very or extremely important for reducing incidents. It’s not just about monitoring servers but understanding how applications, APIs, databases, identities, networks, cloud services, SaaS providers, and user experience interrelate.
That’s why observability is a key investment area. Three out of four ITOps and engineering leaders rank it as their top focus for improving infrastructure resilience—more than traditional hardware upgrades or data center investments. Automation also gains prominence: 66% prioritize investments to reduce human errors, still a leading cause of outages.
The security domain is moving along the same lines. 85% of tech leaders prioritize security automation driven by AI, while 65% invest in AI-powered observability to get real-time insights into their digital environments.
The takeaway isn’t that companies need more tools indiscriminately. Splunk warns that the most resilient organizations aren’t those with the most solutions but those that align technology with business results, give context to their teams, and design systems capable of absorbing pressure without breaking.
Downtime is no longer a technical anomaly. It’s a testament to operational maturity. In a world of AI, cloud, APIs, and constantly connected services, resilience has become a way to protect revenue, trust, and continuity. Companies that see outages as mere IT incidents will be late to recognize the underlying problem. Those that understand them as business risks will have more options to minimize impact and recovery time.
Frequently Asked Questions
What is unplanned downtime?
Any unexpected interruption or degradation of a digital service, application, infrastructure, or critical system that affects normal organizational operation.
How much does downtime cost large companies?
According to the Splunk and Cisco report, the total annual added cost for Global 2000 companies is $600 billion, with an average of $15,000 per minute.
Why is downtime also a cybersecurity issue?
Because many disruptions can be related to ransomware, third-party attacks, SaaS failures, data theft, or incidents misclassified as simple IT problems.
Can AI reduce outages?
AI can assist with triage, anomaly detection, automation, and root cause analysis, but also introduces new risks if agents are poorly governed or supervised.
via: newsroom.cisco