Enterprise AI promised executives something close to operational certainty: fewer outages, less human error, and systems capable of catching problems before customers ever noticed. But a new report from the software company Splunk on AI-related downtime suggests those promises are colliding with a messier reality.
For businesses, downtime—unexpected interruptions to the software systems and applications that keep operations running—can trigger everything from lost sales to frozen logistics networks and customer backlash. For years, companies treated the problem as fundamentally solvable: Automate enough of the right processes, and human error could largely be engineered out. Acting on that logic, companies spent a median of $24.5 million annually on artificial intelligence systems designed to prevent downtime, per the report from Splunk, a unit of Cisco. But many now report that AI itself is becoming part of the outage problem, quietly introducing several new failure modes in the process.
Half of surveyed organizations experienced downtime tied to incorrect AI automation or model drift. Nearly one-third blamed bugs introduced by embedding AI into production systems. Conducted with Oxford Economics across 2,000 executives of Global 2000 companies, the survey report estimates that unplanned downtime now costs businesses $600 billion annually, up 50% in just two years. Every minute of downtime costs roughly $15,000, and businesses lose an average of $300 million annually before anyone formally calls it a crisis.
Splunk calls it the reliability paradox: The more aggressively companies deploy AI to eliminate operational risk, the more they find themselves managing a newer, less predictable category of it.
“Organizations are deploying AI into mission-critical systems without clearly defined escalation paths,” says Kamal Hathi, senior VP and general manager of Splunk. “They lack monitoring tuned to detect model drift, and there’s no clear ownership when things go wrong.”
The financial exposure extends far beyond IT budgets. Hathi notes that stock prices drop an average of 3.4% per major incident, ransomware payouts have nearly tripled to $40 million, and regulatory fines now average $51 million.
AI Built to Reduce Risk Is Now Manufacturing It
The AI race rewards speed above almost everything else. What began with copilots and chat interfaces is accelerating toward autonomous agents, often without a human in the loop. That velocity is also changing what failure looks like.
Hathi says companies are not misreading AI’s value so much as underestimating what responsible deployment requires. There is a tendency to treat AI deployment like a software upgrade. But AI learns from shifting environments and interacts with systems in ways that do not follow deterministic logic. “Resilience can’t be an afterthought,” he says, referring to the ability to absorb disruption, recover quickly, and maintain continuity.
The report found that 44% of organizations use agentic AI, yet 68% worry those systems may behave unpredictably. The range of types of attack is widening as well. Prompt injection and data poisoning, two forms of AI-targeted attacks in which bad actors manipulate what an AI system sees or learns to alter its behavior, are on the rise. Nearly one in four organizations has encountered them, and 77% of technology leaders believe cybercriminals armed with generative AI will increase downtime at their organizations.
“Agentic systems need to earn their autonomy incrementally,” Hathi says. “They must be governed by visibility and accountability at every step — not deployed at scale and monitored retroactively.”
The Silent Failure Mode Nobody Planned For
Greg Leffler, director of developer evangelism and lead evangelist at Splunk, says AI-related downtime rarely resembles a traditional outage. Instead of a dramatic collapse, it often looks like a compounding erosion of system behavior that spreads long before anyone thinks to investigate it.
He pointed to two patterns appearing repeatedly across enterprise environments. The first is model drift, which he describes as “an automation pipeline making correct decisions six months ago whose training data no longer reflects current traffic. By the time anyone notices, the damage is already spreading across interconnected services.” The second is broken integrations, where an AI system acts on incomplete data and triggers a chain of failures across connected systems that no single team fully owns or monitors end to end. Both degrade confidence gradually, until something critical finally tips over.
AI systems are too often deployed with the assumption that they are self correcting, an assumption traditional infrastructure was never allowed to make. “The engineering discipline applied to software releases—staged rollouts, canary testing, rollback procedures—must now apply to every production model carrying decision-making authority,” Leffler says.
The report’s sharpest finding, however, is not about model capability but about who is in control. Only 38% of surveyed technology executives reported consistently identifying the root cause of downtime incidents, despite heavy investment in monitoring platforms.
Leffler explained that as automation absorbs more routine operational decisions, fewer engineers develop the deep system intuition needed to diagnose failures when automation breaks. At the same time, today’s tech stacks rely heavily on external AI providers and third-party services that teams have little direct visibility into, creating what he calls a compounding opacity problem: layers of interconnected risk sitting largely outside what can be observed.
“Agentic systems should independently diagnose issues, execute routine fixes, and perform code rollbacks—but escalate any higher-stakes decision for human approval,” Leffler says.
He adds that the challenge is as much cultural as technical. “If engineering teams aren’t measuring reliability with the same rigor they measure velocity, governance frameworks will always lose to ship timelines.”
Shadow AI Is Outpacing Enterprise Visibility
Some of the hardest problems to quantify, and perhaps the hardest to fix, are happening outside the official technology stack. Earlier generations of “shadow IT” typically involved employees adopting unapproved software, cloud services, or collaboration tools outside formal IT oversight, creating security and compliance headaches. Shadow AI raises the stakes.
Fully 66% of organizations report employees using unapproved AI tools at work to write code, generate business outputs, and automate decisions, often without centralized visibility into what data those tools access or how their recommendations influence production environments. Unlike shadow IT, shadow AI can shape operational behavior while leaving little trace of how or why decisions were made.
“It’s all three: a policy problem, a visibility problem, and a governance problem,” Hathi says. “Policy alone won’t solve it. Organizations need to deploy an evaluation system for what AI should do, backed by a telemetry layer grounded in logs, metrics, and traces.”
AI will keep getting smarter. The harder challenge, and the one most enterprises are only beginning to confront, is building systems capable of seeing and correcting intelligent behavior before it becomes a business crisis.
“Every competitor now has access to similar models and cloud infrastructure,” Hathi says. “Resilience, governance, and observability are becoming the real differentiators. The enterprises that internalize that first will define what operational excellence means in the AI era.”