Unplanned downtime costs businesses an average of $2 million over the last three years. In 2014 the average downtime cost per hour was $164,000. By 2016, that statistic had exploded by 59% to $260,000 per hour.
Most downtime is attributed to system failures, cyber attacks, equipment outages, human error, and natural disasters. This article explores the many elements of unplanned downtime including primary causes, the devastating cost, the specific impact to the manufacturing, healthcare, and professional service industries, and how to calculate the downtime cost of lost productivity and sales.
Most business owners don’t ask themselves “how much does downtime cost” until they’re stranded in the middle of a crisis, panicking, without a clear path toward recovery.
This, for most of us, is the definition of a personal hell on earth. You knew the risks, had a chance to prepare and didn’t, so now there’s a steep price to pay. Not just a financial price, which is incredibly painful, but the harder to measure loss of customer confidence and often irreparable damage to your professional reputation.
Think organizations are aware of and ready for the inevitable reality of downtime? Nope, according to the 2017 Data Health Check Survey, 35% of businesses are completely unaware of the financial implications of outages and of those who are aware most significantly underestimate the true cost. Take for example Delta Airlines, in 2017 they had their second major system failure in a year, causing 280 flights to be cancelled at a cost of over $150 million per incident.
The 2018 Winter Olympics opening ceremony was the recent target of a cyber attack specifically designed to disrupt operations and publicly embarrass the Olympic Committee. It totally worked, using Olympic Destroyer malware, hackers were able to interrupt TV broadcasts by blocking the media’s internet access and bring the Olympic Winter Games website down for a noticeable period. While the cost is yet to be calculated, this reflects how disrupters wield their power to create impact on a global scale.
If your company has customers who depend on you, which for the sake of this article we’ll assume is 100% of readers, then unplanned downtime is a serious threat to address now.
Any failure which shuts down the ability to perform core business functions will result in customer distress, lost sales, erosion of employee morale, and the real possibility of lost business as well as a big black eye for your company’s reputation. Furthermore, depending on where in the supply chain your business falls, your inability to deliver as promised can have ripple effects for your clients and the businesses they serve.
Even before the digital age, business outages were possible. Now with our dependency on computer networks, cloud-based tools, and 24/7 uptime expectations the opportunity to crash is an everyday battle. The causes of downtime can range from single application failures and temporary internet outages to weather-related emergencies, ransomware, and devastating security breaches. Most days it feels more like armoring up to charge into battle than suiting up for work.
Depending on the industry, downtime drivers can vary. Preparation for all scenarios is difficult at best, and in some cases impossible. Focus on situations most likely to impact your operation. Calculating the downtime cost shines a spotlight on the areas of greatest monetary impact, stay focused on frying the biggest fish first.
The most common causes of business downtime include:
Data from the 2017 Unplanned Downtime Survey found that organizations experienced, on average, two episodes of unplanned downtime over the past three years. Of those, the most frequently reported downtime causes were hardware (46%) and software (40%) failure/malfunction. Before putting all your eggs in the network basket, many other concerns surfaced including system overload (29%), user error (17%), security breach (14%), and humidity (11%) all playing their tragic part in the unplanned downtime performance.
In an ironic twist, the 2018 Consumer Electronics Show (CES) was crushed by a power outage caused by heavy rainfall leaving hundreds of exhibiting companies and thousands of techies scrambling in the dark for over two hours. Hard to imagine what everyone did without their devices or WIFI. Perhaps they enjoyed good old-fashioned conversation and it wasn’t such a disaster after all.
Unplanned downtime costs companies an average of $2 million over the last three years. Let’s let that sink in for a minute. According to Aberdeen’s annual unplanned downtime study, the cost of downtime across all industries has risen 59% over the past three years. In 2014 the average downtime cost per hour was $164,000. By 2016, that statistic had exploded by 59% to $260,000 per hour.
On average, organizations experienced two episodes of unplanned downtime over the last three years with the typical outage lasting four hours or more. Those four hours of chaos can feel like four years and often result in terminations for those considered responsible for the carnage. A major underlying factor cited was poor asset management or the lack of knowledge regarding maintenance and upgrade schedules for critical equipment and power sources. This fractured insight results in confusion and longer than necessary recovery times when disaster strikes.
Cyber attacks and ransomware infiltrations deserve special attention here as the fiscal impact lasts long after the initial incident is over. Once your company has been hit, you’re now singled out as the weak gazelle being hunted by a pack of lions, the soft underbelly has been exposed and they’ll continue to go in for the kill. Cybercriminals are patient and incredibly tenacious, while the team struggles to recover, they’ll be watching for the next opportunity to attack. Often cyberattacks are devised in phases for this exact reason. Create a disruption, chaos ensues, everyone rushes to fix the problem, and we then sneak in unnoticed and gain access to the network or critical data.
According to a recent survey of security professionals, 32% had been infected with ransomware resulting in downtime with 11% taking more than a week to regain access to their data. Respondents estimated it cost them $5,000 to $20,000 per day not counting the actual ransom cost that 21% decided to pay to restore operations.
While the consequences of downtime can vary by industry, the categories which drive impact cost are consistent. Factors that determine how much downtime can cost your business are:
In 2017 manufacturers attained the number one spot becoming the top targeted sector for cyber attacks. According to the US National Center for Manufacturing Sciences (NCMS), 39% of all cyber attacks in 2016 were against the manufacturing industry. Since January of 2017 attacks increased by 24% catapulting the manufacturing industry ahead of healthcare as the most sought-after victim by today’s sophisticated digital criminals. Making this sector even more tempting, manufacturers are often viewed as easy entry points into larger businesses and government agencies, the ultimate payday for hackers.
The manufacturing world has long been revered for its focus on efficiency and production. As the industry has evolved it’s now unique in the downtime vulnerabilities faced. Specifically, manufacturers are reliant on machines, networks, and people to be successful, this means many points of failure to go wrong. The implementation of industrial control systems (ICS), centralized command centers that control and connect processes and machines, and the Internet of Things (IoT) external device integration like cameras and robotics, add multiple points of process failure and access points with possible wormholes allowing hackers to infiltrate larger networks.
As more manufacturing operations integrate via industrial control systems to connect their enterprise IT system and the internet, they are increasingly exposed to situations which can result in crippling production downtime, defective products, loss of intellectual property, physical damage, and even threaten lives. Be prepared, read about cybersecurity tips for manufacturers to prevent expensive downtime.
Thanks to HIPPA the healthcare industry has the greatest opportunity for outrageous downtime cost. The Health Insurance Portability and Accountability Act (HIPAA), was enacted to improve the efficiency and effectiveness of the American health care system, but today primarily focuses around protecting the confidentiality of protected health information (PHI). The industry is heavily regulated and non-compliance fines are mind-blowing. Ignoring HIPAA requirements is defined as “willful negligence” and subject to extreme penalties including fines as high as $50,000 per instance and criminal charges punishable by prison time.
Any medical facility, large or small, is required to adhere to HIPAA regulations and protect the privacy of their patients always. Not only does this requirement raise the stakes for cyber attacks, but also requires immaculate maintenance of all facility devices and exceptional staff compliance training.
The key here is the safeguarding of patient’s protected health information (PHI) which means stored data must be encrypted on all devices, even those you throw away or are stolen, all devices with access to PHI must be password protected and include a robust user login authentication protocol, and employees must be 100% HIPAA compliant meaning no shared passwords, snooping in patient files, or sharing confidential information outside of the office. Fines are steep, in the case of Memorial Healthcare System’s $5.5 million violation when login credentials of a former employee had continued to be used daily to access patient data for over a year. Protect your practice with the guide to current HIPAA IT regulations and cybersecurity tips for medical offices.
Consultants come in all shapes and sizes, but as a rule, have a smaller corporate infrastructure and are more reliant on outsourcing providers for core systems. This means that system reliability, uptime, and the company’s reputation are not really within your control.
Let’s say for instance your role is to provide e-commerce services for a client and the outsourced web host goes down, orders come to a hard stop, and your client is expecting quick resolution, what’s your plan? The client may say they understand, but they won’t ever look at you in quite the same way.
It’s critical to have stringent SLAs (service level agreements) in place with all vendors as well as back-ups for mission-critical systems and staff. Just like the healthcare industry, your firm is accountable for compliance with all industry regulations and protection against data breaches. Ensure your company practices total network security and have strong backup and disaster recovery solutions in place.
Determining how much does downtime cost for your business is critical when deciding which projects to invest in next. In many businesses executive decision-makers don’t want to understand the full scope of technology, neither should they have to, but when it comes to preventive efforts including the cost of downtime shows the risk associated with declining the project. Explaining the business and fiscal impact, not just the technical details, may get their attention and possibly project approval.
How to Calculate the Cost of Employee Downtime
How to Calculate the Cost of Lost Sales /Orders
When it comes to costly downtime the best defense is a good offense. Know the risk for your business and develop proactive strategies to include an IT support team experienced in total network security, backup and disaster recovery solutions, ransomware protection, and HIPAA compliance.
IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.
There’s a better way. Learn how.