Cost of IT downtime: Complete UK guide with calculator
UK businesses lost £3.7 billion to internet failures alone in 2023, according to research by Beaming. That's not a typo. And it's just the tip of the iceberg when you factor in hardware failures, cyber attacks, software bugs, and human error.
For UK SMEs specifically, the numbers are equally sobering. The average small business loses £7,500 per year to unplanned IT downtime, with some incidents costing up to £212,000 in a single event. What's more, 92% of UK businesses take 24 hours or longer to recover from a significant outage.
In this comprehensive guide, we'll break down exactly what IT downtime costs UK businesses by size and industry, help you calculate your own potential exposure, and share practical strategies to minimise your risk. Whether you're running a 10-person startup or managing IT for a 500-person enterprise, understanding these costs is the first step toward protecting your business.
What is IT downtime?
IT downtime refers to any period when your technology systems are unavailable or underperforming to the point where normal business operations are disrupted. This includes everything from complete system failures to degraded performance that slows your team down significantly.
There are two main types of downtime:
- Planned downtime: Scheduled maintenance windows, system upgrades, and software updates. While these still impact productivity, they're predictable and can be scheduled for low-impact periods.
- Unplanned downtime: The expensive kind. Hardware failures, cyber attacks, software crashes, network outages, power cuts, and human error. These hit without warning and tend to cause the most damage.
Common causes of unplanned IT downtime include:
- Hardware failures (31% of outages)
- Incompatible software (27%)
- Cyber attacks and ransomware
- Network connectivity issues
- Human error and misconfigurations
- Power outages
- Software bugs and failed updates
- Worn-out devices (20%)
UK businesses experienced 8.8 million internet failures in 2023 alone, resulting in 50.5 million hours of disruptive downtime. And that's just connectivity issues - it doesn't account for the countless hardware failures, software crashes, and security incidents that happen every day.
The true cost of IT downtime by business size
The cost of downtime varies dramatically depending on your organisation's size, industry, and how heavily you depend on technology. Here's what the research tells us about UK businesses:
| Business Size | Cost per Minute | Cost per Hour | Annual Impact |
|---|---|---|---|
| Small (<50 employees) | £350 - £450 | £21,000 - £27,000 | £7,500 median |
| Medium (50-500 employees) | £1,500 - £3,500 | £90,000 - £210,000 | £15,000 median |
| Large (500+ employees) | £5,000 - £15,000 | £300,000 - £900,000 | Millions |
| Enterprise | £23,750+ | £1.4 million+ | Variable |
Sources: Metrics Plus, Reach IT, ITIC 2024 Survey
UK SME downtime: The numbers that matter
Small and medium-sized enterprises make up the backbone of the UK economy, and they bear a particularly acute financial burden from downtime relative to their size and resources. Here's what the latest UK research tells us:
£300k
Annual loss from outdated tech per SME
Source: Samsung UK Study19 hrs
Average annual productivity lost to IT issues
Source: Unity World£3,350
Average cost per cyber incident
Source: Gov.uk Cyber Breaches Survey 202592%
Businesses taking 24+ hours to recover
Source: Gov.uk Cyber Breaches Survey 2025Perhaps most concerning is the trend. While UK businesses experienced fewer total downtime hours in 2023 compared to 2018 (50.5 million vs 60 million), the cost increased fivefold - from £742 million to £3.7 billion. This reflects our growing dependence on technology: 15% of UK businesses now start losing money the moment their connectivity fails, up from 11% in 2018.
Breaking down the cost: direct, indirect, and hidden expenses
When we talk about downtime costs, most people think only of the obvious stuff - lost sales and idle employees. But the true cost runs much deeper. Let's break it down:
Direct costs
These are the immediate, measurable financial impacts:
- Lost revenue: Every minute your systems are down, transactions aren't happening. For an e-commerce business, this is immediately quantifiable.
- Emergency IT support: Calling in specialists at short notice isn't cheap. Out-of-hours support can cost 2-3x standard rates.
- Data recovery costs: If data is corrupted or lost, professional recovery services can run into thousands of pounds.
- Hardware replacement: Sometimes the only fix is new equipment, delivered urgently.
Indirect costs
These don't show up on an invoice but eat into your bottom line just as surely:
- Lost productivity: During an outage, employee productivity drops to just 63%. Even after systems are restored, it takes an average of 9 additional hours to return to full productivity (70% during recovery phase).
- Overtime costs: Staff working late to catch up on missed work or backlog.
- Missed deadlines: Contract penalties, rush fees on delayed deliveries, lost bonuses.
- Management time: Senior staff dealing with crisis management instead of running the business.
Hidden costs
The expenses that often don't get counted but can be the most damaging long-term:
- Reputation damage: According to Gartner, 40% of customers will switch to a competitor after experiencing a major service failure. That's customers you may never win back.
- Employee morale: Frequent tech problems frustrate staff. Research by Unisys shows 49% of employees lose 1-5 hours weekly to IT issues. That frustration adds up.
- Compliance and regulatory fines: If downtime leads to data breaches, you're looking at potential GDPR fines of up to 4% of annual turnover.
- Lost opportunities: The deals you didn't close because your systems were down at the wrong moment.
Calculate your downtime cost
Enter your business details below to calculate how much IT downtime could cost you. All calculations are performed locally in your browser - no data is sent to our servers.
Your estimated downtime cost
Employee cost
£0
Wages paid during outageRevenue loss
£0
Direct sales/revenue impactRecovery productivity loss
£0
Catch-up period impactTotal incident cost
£0
£0
£0
UK case studies: When downtime gets serious
These aren't hypothetical scenarios. They're real UK businesses that faced real downtime disasters in 2024 and 2025. The lessons they learned the hard way can help you protect your own organisation.
Marks & Spencer: The £324 million ransomware wake-up call
April 2025 - Over the Easter weekend, one of Britain's most trusted retailers discovered it had been compromised by the DragonForce ransomware group via Scattered Spider hackers. The attackers had actually been inside the M&S network since February, quietly stealing customer data and preparing their attack.
£324m
Lost sales46 days
Online shopping down£750m
Market value dropThe attackers didn't hack through sophisticated technical defences. They simply called the IT helpdesk run by third-party provider Tata Consultancy Services (TCS), posed as employees, and convinced staff to reset a user's password. From there, they had the keys to the kingdom.
Click & Collect stopped working. Contactless payments failed across stores. Online shopping was suspended for 46 days. Customer data including names, addresses, and purchase history was stolen. M&S's insurance paid out £100 million - covering just 31% of the losses.
CrowdStrike outage: The day 8.5 million Windows computers crashed
19th July 2024 - At 04:09 UTC, CrowdStrike - a cybersecurity company protecting over 75% of Fortune 500 companies - pushed a faulty update to its Falcon Sensor software. Within minutes, Windows computers worldwide started showing the dreaded "blue screen of death" and became stuck in boot loops.
£1.7-2.3bn
UK cost (Kovrr estimate)8.5m
Devices affected globally5,078
Flights cancelledThe UK impact was severe. NHS GP practices across the country lost access to patient records through the EMIS system. The London Ambulance Service fielded 4,500 emergency calls by 5pm. Edinburgh and Gatwick airports saw departure boards freeze. Ryanair, KLM, and British Airways cancelled flights. Banks reported payment processing failures.
CrowdStrike fixed the update within 78 minutes - but the damage was done. Every affected machine needed manual intervention to recover. Organisations using BitLocker encryption faced even longer recovery times because they needed individual recovery keys for each device.
Synnovis NHS attack: When downtime costs lives
3rd June 2024 - Russian-speaking ransomware group Qilin attacked Synnovis, the pathology services provider for Guy's and St Thomas' and King's College Hospital NHS Trusts. They demanded $50 million in ransom. When it wasn't paid, they published 400GB of stolen patient data.
1,500+
Operations cancelled900k+
Patients affected100+
Cancer treatments delayed£32m
Direct costsWithout blood test results, hospitals couldn't perform surgeries safely. Blood transfusion services operated at just 10% capacity because staff couldn't match blood types. 18 organ transplants were postponed. The NHS issued urgent appeals for O-negative blood donors.
In June 2025, King's College Hospital confirmed what many feared: a patient safety investigation concluded that the ransomware attack was a contributory factor to a patient's death. This is believed to be one of the first documented cases where a cyber attack has been directly linked to loss of life in UK healthcare.
Sainsbury's: When a routine update goes wrong
16th March 2024 - A Saturday morning at the UK's second-largest supermarket chain. An overnight software update contained an error that cascaded through Sainsbury's systems, affecting online deliveries and contactless payments.
The company announced it couldn't fulfil the "vast majority" of online deliveries scheduled for that day. Contactless payment systems went down across stores. Customers were left at tills unable to pay. And because the communications systems were also affected, Sainsbury's couldn't even contact customers to warn them about cancelled orders.
The good news? Because this was a non-malicious software failure (not a cyber attack), recovery was relatively quick - contactless payments were back within 24 hours, and online ordering resumed within two days. CEO Simon Roberts issued a personal apology and customers received vouchers as compensation.
In fact, Tesco, McDonald's, and Greggs all experienced separate IT issues that same weekend - highlighting how common software update failures have become as businesses run increasingly complex, interconnected systems.
What these cases teach us
Looking across these four major UK incidents, several themes emerge:
Third-party risk is real
M&S was compromised through a contractor. Synnovis affected multiple NHS trusts. CrowdStrike brought down its own customers. Your suppliers' security is your security.
People remain the weakest link
The M&S attackers didn't use sophisticated technical exploits. They called a helpdesk and asked nicely. Social engineering still works.
Recovery time varies wildly
Sainsbury's bounced back in hours. M&S took 46 days to resume online shopping. Synnovis took 17 months just to complete its forensic investigation. Preparation determines recovery speed.
Insurance isn't enough
M&S received £100 million in cyber insurance - but lost £324 million in sales. That's a £224 million gap. Prevention is still cheaper than recovery.
Don't wait for your own £300k wake-up call
These case studies show what happens when businesses aren't prepared. Our IT Operations team helps UK organisations build resilience through proactive monitoring, robust backup strategies, and incident response planning - before disaster strikes.
IT Operations services Book a free consultationIndustry-specific downtime costs: What's your sector paying?
Not all downtime is created equal. A one-hour outage at a pharmaceutical plant costs dramatically more than the same hour lost at a small retail shop. Here's how the numbers stack up across major UK industries:
| Industry | Cost per Hour | Key Risk Factor |
|---|---|---|
| Pharmaceutical manufacturing | £1 - £5 million | GMP regulatory restart requirements |
| Automotive manufacturing | £1.6 - £2 million | Production line + supply chain cascade |
| Investment banking | £600,000 | Trading systems, regulatory penalties |
| Healthcare (NHS hospitals) | £450,000 | Patient safety, cancelled procedures |
| Large retail (e-commerce) | £100,000 - £300,000 | Peak shopping periods, cart abandonment |
| General manufacturing | £5,000 - £10,000 | Equipment failure, production loss |
| Professional services (law/accountancy) | £3,000 - £5,000 | Billable hours, court deadlines |
| SME general | £500 - £5,000 | Limited IT resources, cash flow impact |
Sources: DelaControl, Computer Weekly, IP Fabric
Manufacturing: Where every minute on the line counts
UK and EU manufacturers are projected to lose over £80 billion to unplanned downtime in 2025, according to IDS-INDATA research. The costs vary dramatically by subsector:
Automotive
£1.6-2M
per hour
20-25 incidents monthly, 3-4 hours each. When one plant stops, the supply chain ripples across hundreds of suppliers.
Pharmaceutical
£1-5M
per hour
8-hour average incidents. You can't just restart - GMP requirements mean full sterility validation before production resumes.
Food & Beverage
£4-5bn
annual UK/EU losses
Frequent short outages (1-3 hours) add up. Perishable ingredients spoil during downtime, multiplying losses.
Survey data from UK manufacturers shows the average company experiences 49 hours of downtime per year, costing approximately £250,000 in direct production losses alone.
Healthcare: When systems go down, lives are at risk
The NHS and private healthcare providers face a unique challenge: downtime doesn't just cost money, it directly impacts patient safety. According to the Ponemon Institute, healthcare organisations lose an average of £7,500 per minute of downtime.
- £450,000 per hour in lost procedures and delayed care
- £1.9 million per day for major hospital system outages
- 17+ days average resolution time for healthcare IT incidents
- 88% of NHS trusts have electronic patient records
- 75% still rely on paper backup alongside electronic systems
- WannaCry ransomware cost the NHS £92 million in 2017
When EHR systems fail, clinicians revert to paper processes that are slower and more error-prone. During the Synnovis attack, hospitals couldn't access patient blood type data - forcing them to use universal donor blood and severely limiting transfusion capacity.
Financial services: The £600,000 per hour problem
UK banks have accumulated over 800 hours of IT downtime in the past two years, according to the Treasury Committee. That's 158 major incidents affecting millions of customers.
£600k
Cost per hour (investment banks)194 hrs
NatWest downtime (2 years)33
Barclays incidents (2 years)The Barclays outage in January 2025 hit on payday - the worst possible timing. 56% of online payments failed, and the bank paid £5-7.5 million in customer compensation. Research from Splunk suggests UK financial services companies collectively lose £152 million annually to downtime.
Professional services: Every lost hour is lost revenue
For law firms and accountancy practices, the calculation is straightforward: downtime equals lost billable hours. At £3,000-£5,000 per hour, even a brief outage hits the bottom line hard.
But the real damage often comes from what you can't bill for:
- Missed court deadlines when case management systems are inaccessible
- HMRC penalties for tax returns filed late due to system failures
- Client trust erosion - professional services depends on reliability
- Regulatory risks if confidential client files are affected
Research shows lawyers record less than three billable hours per day on average, with 75% of time consumed by administrative tasks. When systems go down, that already-constrained billable time drops to zero.
SMEs: Disproportionate impact from limited resources
Small and medium businesses might face lower per-hour costs (£500-£5,000), but they're hit proportionally harder because they lack the IT resources to respond quickly and the financial cushion to absorb losses.
UK SME cyber statistics (Hiscox 2024)
- 59% of SMEs experienced a cyber attack in the past 12 months
- £25,700 average cost per cyber breach
- 27% hit by ransomware
- 80% of ransomware victims paid the ransom
- 60% successfully recovered data after paying
- 33% faced significant fines after an attack
UK businesses collectively lost £21.3 billion to internet outages alone in 2023. For an SME without dedicated IT support, a single ransomware incident can be business-ending - especially when 40% of ransomware victims who pay find themselves asked for additional payments.
How to prevent IT downtime: Strategies that actually work
The good news? Most IT downtime is preventable. The organisations that rarely experience major outages aren't just lucky - they've invested in proactive strategies that catch problems before they become expensive disasters.
The ROI of prevention
A Microbyte study found that UK SMEs implementing comprehensive IT management achieve 188% ROI - turning a £60,000 annual investment into £173,000 in benefits through avoided downtime, productivity gains, and reduced staff turnover.
1. 24/7 proactive monitoring
Reactive IT support waits for things to break. Proactive monitoring catches problems before they impact your business - a disk filling up, a server overheating, an unusual login pattern that might indicate a breach.
Reactive approach
- Wait for users to report problems
- Scramble to diagnose under pressure
- Pay premium for emergency support
- Extended downtime while fixing
Proactive approach
- Automated alerts catch issues early
- Fix problems during quiet hours
- Predictable monthly cost
- Minimal or no user-visible downtime
UK managed IT services typically cost £50-100 per user per month for comprehensive monitoring and support. For a 20-person business, that's £12,000-24,000 annually - less than the cost of a single significant outage.
2. Infrastructure redundancy and backups
No system is 100% reliable. The question isn't whether something will fail, but whether you can recover quickly when it does. That requires:
- Automated backups: Daily (minimum) to local and cloud destinations. Test them regularly - many businesses discover their backups are corrupted only when they need them.
- Defined recovery targets: Set your Recovery Time Objective (how quickly you must restore) and Recovery Point Objective (how much data loss you can tolerate).
- Geographic distribution: Critical systems should have backup capacity in a separate physical location - a fire or flood at your main office shouldn't take down everything.
- Tested recovery procedures: Document exactly how to restore each critical system, and test the process at least annually.
UK backup and disaster recovery services typically cost £195-325 per server per month for comprehensive protection including tested recovery procedures.
3. Cybersecurity investment
With 51% of UK cyber insurance claims in 2024 coming from ransomware and malware attacks, cybersecurity isn't optional - it's essential downtime prevention. Key investments include:
Multi-factor authentication
Reduces breach risk by 99%. Often free or low-cost to implement.
Staff awareness training
IBM research shows training reduces breach costs by $1.5 million on average.
Cyber Essentials certification
Organisations with certification have 92% fewer insurance claims.
Cyber Essentials is the UK government-backed certification that demonstrates you've implemented five foundational security controls. It costs £500-2,000 to achieve, and 69% of certified organisations report it's improved their market competitiveness. Read our complete guide to cybersecurity for UK SMEs for more details.
4. Business continuity planning
When disaster strikes, you don't want to be figuring out what to do. A business continuity plan documents:
- Critical systems priority: Which systems must be restored first to resume operations?
- Recovery procedures: Step-by-step instructions for restoring each critical system
- Contact lists: Who needs to be notified, including IT support, management, and vendors
- Communication plan: How will you communicate with staff and customers during an outage?
Research shows 85% of UK organisations now have business continuity plans - but the quality varies enormously. The difference between Sainsbury's (recovered in hours) and M&S (took 46 days to restore online shopping) came down to preparation.
5. Third-party risk management
Your security is only as strong as your weakest supplier. The M&S breach came through a third-party helpdesk. The Synnovis attack took down multiple NHS trusts because they shared a single pathology provider.
- Assess supplier security: Ask about their security certifications, incident history, and recovery capabilities
- Limit access: Third parties should only have access to what they need - nothing more
- Contractual protections: Include security requirements and incident notification in supplier contracts
- Diversify where possible: Avoid single points of failure by having backup suppliers for critical services
Not sure where to start with downtime prevention?
Implementing all these strategies at once can feel overwhelming. Our team can help you prioritise based on your specific risks, budget, and business needs. We'll identify your biggest vulnerabilities and create a practical roadmap to address them.
Get in touch Technology governanceCalculating your prevention ROI
Is prevention worth the investment? Here's a simple framework to calculate the return:
| Annual Prevention Investment | |
|---|---|
| Managed IT services (20 users × £75/month) | £18,000 |
| Backup and disaster recovery | £3,000 |
| Cybersecurity tools and training | £5,000 |
| Total investment | £26,000 |
| Annual Benefits (Conservative Estimates) | |
|---|---|
| Prevented downtime (6 hours × £2,000/hour) | £12,000 |
| Avoided security incident (probability-adjusted) | £15,000 |
| Productivity gains from reliable systems | £8,000 |
| Avoided emergency support costs | £5,000 |
| Total benefits | £40,000 |
Frequently asked questions about IT downtime
Need help reducing your downtime risk?
Don't wait until you're facing a £200,000 outage to take action. Much of the IT downtime UK businesses experience stems from accumulated technical debt and legacy systems that haven't been properly maintained.
Our IT Operations team at Red Eagle Tech can help you build resilience into your technology infrastructure. We'll assess your current setup, identify vulnerabilities, and put proactive monitoring in place to catch problems before they become expensive outages.
