SYDNEY - MARCH 12, 2025 - Splunk, the cybersecurity and observability leader, today released a new report "Downtime: A rising challenge for ANZ organisations", which highlights cybersecurity incidents as an escalating threat for businesses in Australia and New Zealand (ANZ). This report shows that unplanned downtime - any service degradation or outage of a business system - leads to both financial and operational losses.

Expanding on Splunk's "The Hidden Cost of Downtime" report launched last year, this survey provides a deeper look into the specific financial impacts, root causes and other consequences for unplanned downtime on ANZ businesses due to cybersecurity incidents and system outages.

The survey revealed that Australian business leaders from organisations with over 500 employees have faced an average financial loss of $251,000 due to all unplanned downtime from cybersecurity incidents or system outages, amounting to a potential national cost of $86 billion¹. In New Zealand, for businesses with 100 or more employees, the average loss was $211,000, which could lead to a potential national impact of $75 billion². Furthermore, the survey points to key gaps in addressing cyber incidents and managing unplanned downtime.

Cybersecurity incidents: a critical concern for the next 12 months

Ninety three percent of Australian and 89% of New Zealand survey respondents claim they are "prepared" for unplanned downtime. However, as cyber attacks become more frequent and sophisticated in the region, ANZ businesses are seemingly struggling to keep pace:

• 53% of business leaders in Australia (53% in New Zealand) identified cybersecurity incidents as one of their top concerns in the year ahead.
• One in three (30%) business leaders in Australia (38% in New Zealand) said employees within their organisation are not trained in cybersecurity preparedness. Of those surveyed, over half (52%) of Australian business leaders working in the public sector expressed the same view.

Despite being well-prepared for unplanned downtime, over 90% of Australian and 85% of New Zealand respondents have been exposed to a cybersecurity incident or system issue, highlighting widespread gaps across the region. 76% of Australian and 75% of New Zealand business leaders reported that these incidents led to some form of outage or unplanned downtime.

The survey revealed the top three causes of system outages and unplanned downtime in Australian and New Zealand organisations are malware, software failures, and phishing attacks. In particular, phishing attacks were a significant concern, with 86% of organisations in Australia's public sector and 78% in the financial services industry, flagging it as a main consequence of system outages or unplanned downtime.

Unplanned downtime as a business risk

From financial costs and productivity loss to reputational damage, the unplanned downtime experienced by ANZ businesses is proving to be a major disruptor:

• Sixty-two percent of business leaders in Australia (and 43% in New Zealand) experienced productivity loss because of downtime caused by cybersecurity incidents, followed by financial loss (33% in Australia and 29% in New Zealand) and operational cost in crisis management (27% in Australia, 28% in New Zealand).
• The average unplanned downtime as a result of cybersecurity incidents or system outages is almost two hours in Australia, and just under two hours in New Zealand.
• Business leaders in Australia and New Zealand have also reported prolonged recovery times following downtime due to cybersecurity incidents, taking on average 7.4 days to recover.

Looking ahead: building digital resilience

The survey reveals a growing focus on digital resilience as a consequence of these risks, with ANZ businesses prioritising upgrading their technology stack.

• 59% of business leaders in Australia (44% in New Zealand) plan to upgrade their existing technology/digital tools.
• 57% of business leaders in Australia and 45% in New Zealand are planning to implement more preparedness training to employees.
• 44% of business leaders in Australia and 49% in New Zealand plan to invest in new technologies like Generative AI and cloud-based security solutions.

Craig Bates, Senior Vice President and General Manager of Asia Pacific at Splunk said: "While ANZ organisations are increasingly prepared for unplanned downtime, there are still pressing issues that exist in ensuring true digital resilience. It is encouraging to see many business leaders investing in new technologies, upgrading digital tools and enhancing employee preparedness - all of which are important strides in the right direction. However, digital resilience goes beyond isolated actions. It requires a proactive, unified approach that not only prioritises cybersecurity but also ensures the integrity of systems across their entire digital footprint.

In parallel, we're also seeing the Australian and New Zealand Governments taking a proactive role in prioritising digital resilience and strengthening cybersecurity frameworks, positioning themselves as key players in global cybersecurity leadership. This approach is particularly critical in today's AI-driven era, where leveraging the right technology, combined with accountability and transparency, is key to building strong digital defences across ANZ."

For more insights from the "Downtime: A rising challenge for ANZ organisations" report, please visit here.