It’s a business owners’ nightmare – imagine your phone pings in the middle of the night with a message that makes your stomach drop: "We’re down." Whether it’s your website, e-commerce platform, or another critical IT system, the nightmare is real.
Your business is offline, and every minute that passes, money slips through your fingers.
A recent eye-opening report from cybersecurity solutions provider Splunk reveals just how costly these unexpected downtimes can be for businesses today. Titled The Hidden Costs of Downtime, the study, conducted in partnership with Oxford Economics, surveyed 2,000 global executives from major companies. The results were staggering: the annual cost of downtime—when you factor in both direct and hidden expenses—tops $400 billion annually. The largest direct cost was revenue loss at an average of $49 million.
More than revenue
Of course, such losses for large businesses will be proportionately higher given the bigger amounts of revenue they generate. However, small to midsize companies are arguably at even greater risk because they may not be able to readily absorb any substantial revenue losses.
Diminished revenue is just one of the direct costs of surprise IT failures. Others include regulatory fines, blown IT budgets from coping with crises and elevated insurance premiums. Hidden costs may arise from diminished shareholder value (for publicly traded businesses), reduced productivity and brand/reputational damage.
Common threats
Worried yet? The good news is that your business can proactively address the threat of unanticipated technological downtime. The first step is to conduct a formal risk assessment to identify the most likely causes of IT failures based on the distinctive features of your systems and users.
Spoiler alert: You’ll probably find cyberattacks, such as phishing and ransomware scams, are your biggest threat. Unfortunately, these crimes have become so common that you should probably operate under the assumption that you’ll incur attacks fairly often, be they minor or major.
Indeed, the Splunk report attributed 56% of downtime incidents to cybersecurity breaches. Not far behind, however, were software or IT infrastructure failures. These caused 44% of reported downtime. And whether it was a cyberattack or a technological gaffe, human error was identified as the chief underlying cause. So, don’t be surprised if a risk assessment also identifies your employees as a major threat to your company’s ability to stay up and running.
Key strategies
Once you’ve pinpointed the IT risks with the greatest probability of occurring, you can address them. Just a few key strategies to strongly consider include:
Tracking incidents carefully. When downtime occurs, you should have an incident response plan in place to investigate and resolve the matter — as well as to record all pertinent details. Look for trends: As incidents happen more often, the likelihood of a major crisis increases.
Investing wisely in cybersecurity. Today’s companies need to look at substantial investment in cybersecurity as a cost of doing business. However, you must still scale these expenditures to your actual needs and risk level.
Training new hires and regularly upskilling employees. The Splunk report highlighted an essential truth: No matter how technologically advanced businesses become, people still make the difference.
Establishing a disaster recovery plan. As the saying goes, expect the best but plan for the worst. Implement a comprehensive plan involving sound backup policies and procedures, as well as recovery time and point objectives.
Assessing and testing regularly. The risk assessment mentioned above shouldn’t be a one-time thing. Adhere to a strict schedule of assessments and “stress tests” of mission-critical systems.
Continuous improvement
To prevent surprise IT failures at your company, apply a mindset of continuous improvement to all aspects of your policies, procedures and infrastructure. Contact your Rudler, PSC advisor with questions at 859-331-1717. We can help you identify and manage your technology costs.
RUDLER, PSC CPAs and Business Advisors
This week's Rudler Review is presented by Allison Kiley, Staff Accountant and Brooke Kramer, CPA.
If you would like to discuss your particular situation, contact Allie or Brooke at 859-331-1717.
As part of Rudler, PSC's commitment to true proactive client partnerships, we have encouraged our professionals to specialize in their areas of interest, providing clients with specialized knowledge and strategic relationships. Be sure to receive future Rudler Reviews for advice from our experts, sign up today !