The aggregate cost of unplanned downtime for Global 2000 companies has surged to US$600 billion annually – a 50% increase in just two years, according to Splunk.
Oxford Economics fielded a hybrid survey that covered 2,000 executives from Global 2000 companies. Businesses from 20 countries are represented from the regions of the Asia-Pacific; Europe, the Middle East and Africa; North America and Latin America.
Findings show that the financial toll of an outage is immediate, severe, and potentially long-lasting. Downtime has become a systemic business crisis that threatens revenue, brand equity and shareholder value, costing an organisation US$95 million in lost revenue annually. This is nearly twice the level seen in 2024.
“Downtime is inevitable; prolonged disruption is not,” said Kamal Hathi, SVP and general manager of Splunk, a Cisco company.
“The most resilient organisations are not the ones with the most tools or the biggest vision for AI,” said Hathi. “They are the ones that align technology with business outcomes, empower people with context, and design systems that bend, but do not break, under pressure.”
Technology executives increasingly view the consequences of an outage as “more severe.” Publicly disclosing a data breach is now considered the most severe hidden cost, with 71% of technology executives rating it as “very” or “prohibitively disruptive,” up from 23% in 2024.
Furthermore, downtime triggers a chain reaction of hidden costs, including financial and market erosion. The study found that the average cost of downtime has reached US$15,000 per minute. In addition, organisations see an average 3.4% drop in stock price following a downtime event.
Another is customer churn. Eighty-one percent of technology leaders cite the loss of customers as a consequence of downtime, with 47% admitting customers are “often” or “very often” the first to detect service degradation or outages.
There are also escalating ransomware costs. Ransomware payouts have nearly tripled since 2024, now reaching US$40 million on average, making them one of the most significant direct financial burdens.
Then there is regulatory exposure. Regulatory fines have reached an average of US$51 million per organisation, with 57% of technology executives now viewing these penalties as “very or prohibitively disruptive.”
Another cost is operational drag, with 89% of tech leaders citing the need for large numbers of personnel to fix issues. Nearly all (90%) tech leaders report increased demand for customer support with 76% of finance and 74% of marketing executives feeling the pressure as well.
There is also the cost of brand recovery. Nearly 20% of marketing professionals report that it takes an entire quarter to recover brand health following remediation.
Security and downtime intersect
About one-third (36%) of security leaders admit that downtime is “often” or “very often” misclassified as an IT issue, which can give attackers a critical head start. A lack of shared context complicates resolution, as only 38% of technology executives report consistently identifying the root cause of a downtime incident.
The perceived frequency of cybersecurity-related downtime caused by SaaS and other third-party application issues has nearly tripled since 2024, with 56% of security leaders now experiencing these issues “often” or “very often.”
Maintaining basic cyber hygiene and modernising legacy infrastructure to replace outdated, unpatchable technology remain foundational to preventing unplanned downtime.
Meanwhile, organisations are increasingly turning to AI to enhance incident triage and root cause analysis, with a median annual spend of US$24.5 million on AI tools that prevent and respond to downtime.
As these technologies mature, the industry is shifting toward a model of human-to-agent collaboration, where AI serves the expert rather than replacing human oversight. This approach relies on machine data, the logs, metrics, and traces that allow teams to monitor AI actions, detect issues early, and correct course before minor errors escalate into full-scale outages.
The data reveals that organisations identified as “AI workflow and triage experts,” are significantly better equipped to avoid the most damaging outcomes of downtime:
Among experts, 74% avoided the need to publicly disclose a data breach last year, compared to just 54% of non-experts.
These expert organisations are nearly three times more likely to report that they have never lost customers due to downtime (42% versus 15% for non-experts).
Despite the clear benefits, the transition to autonomous systems is not without challenges. While 56% of users report that AI has reduced their overall risk, every technology leader surveyed admitted their organisation has experienced some form of AI-related downtime.
Sixty-eight percent of technology leaders express concern their AI agents will behave unpredictably, underscoring the need for robust governance and human-in-the-loop oversight that defines true digital resilience.
Further, technology executives increasingly recognise the need to visualise the entire digital dependency chain. In fact, among organisations with the lowest downtime costs, a massive 98% confirm that end-to-end visibility is “very” or “extremely important” for reducing incidents.
Nevertheless, complete visibility remains rare across IT domains, prompting organisations to shift their investment strategies toward more proactive, data-driven foundations.
About three-fourths of ITOps and engineering leaders identify end-to-end observability as their top investment priority to improve infrastructure resilience, taking precedence over traditional hardware or data center upgrades.
Sixty-six percent of ITOps and engineering leaders are prioritising investments in automation to mitigate the risks of human error, which remains the leading cause of downtime across the technology stack.
Organisations are focusing their AI budgets on high-impact areas, with 85% of technology leaders prioritising AI-driven security automation and 65% investing in AI-powered observability to gain deeper, real-time insights into their digital ecosystems.
