12 June 2024

Splunk .conf24 – Day 1 – Keynote Highlights

SIEM, Splunk


Hello! Welcome to our coverage of the first day of Splunk .conf24. Today’s keynote was packed with updates and insights into the evolving landscape of threat detection and the critical impact of downtime on global enterprises. Here’s a detailed recap of the major highlights and takeaways from the kick-off of this year’s event.


Splunk’s Place In A Growing Market

Despite changes and newcomers to the space, Splunk remains a leader in the Gartner Magic Quadrant for SIEM, Application Performance Monitoring (APM), and Observability in 2024. This reaffirms Splunk’s commitment to providing top-tier solutions that help businesses stay ahead in the security landscape.


Exciting Product Integrations

Several significant product integrations were announced for Splunk, such as:

Splunk Enterprise and CISCO XDR – This integration enhances extended detection and response capabilities.

Splunk Observability and AppDynamics – This partnership promises to improve performance monitoring and analytics.

Azure Availability: – Splunk will be available on Azure in preview this summer, expanding its accessibility and deployment options.


Federated Data Access and Enhanced Security

Splunk announced it is continuing its commitment to federated data access, ensuring seamless and secure data integration across platforms. Additionally, there have been improvements in the “Get Data In” (GDI) process, including the obfuscation of sensitive data to enhance security.


AI and Machine Learning Advancements

Splunk is also making strides in artificial intelligence (AI) and machine learning (ML), keeping it in line with the rest of the industry and the wider threat landscape. This is a huge topic, and we will likely dive into it further as the event progresses, but for now, the key new updates look like this:

Splunk Assistant for SPL: An improved large language model (LLM) will be previewed later this year, enhancing the AI assistant’s capabilities in security.

AI in Observability – A demonstration (watch the impressive demo here) showcased the AI assistant’s capabilities in observability.

ITSI ML Enhancements – Better granularity in adaptive thresholding will improve the accuracy of incident detection and response.


The Hidden Costs of Downtime

One impactful topic covered was the financial toll of downtime, highlighted in a report by Splunk in partnership with Oxford Economics. Which highlighted some interesting headlines:

  • The Global 2000 collectively lose $400 billion annually due to downtime.
  • Each company loses an average of $200 million annually, roughly 9% of profits.
  • Companies incur about $22 million in fines on top of the cost of the downtime itself.
  • The main causes of downtime are cybersecurity issues (56%) and infrastructure or application problems (44%).

We’ve included a summary below and the link for the full report from Splunk here

Day 1 Wrap Up

As we kick off Splunk .conf24 this year, we can see some emerging trends and Chuck Robbins, Cisco Chairman and CEO was at pains to state innovation and investment will continue at pace and he emphasises 

“so our job is not to screw up anything that you guys do really well today but to bring you incremental capabilities”

This is joined by a big focus on AI, using it not only to automate complex tasks but also to improve the accessibility and ease of deploying advanced features and integrating Splunk with all parts of the business.

This is just the opening keynote so far, but we hope to dive into more of the topics raised here, looking at how they will be used and how they can help Apto clients do more with their platform.

Please stay tuned for daily blog posts from each day of the event between now and the 14th of June. To receive updates directly to your inbox, subscribe here.

In Depth: The Hidden Costs of Downtime: A $400 Billion Challenge for the Global 2000

In today’s digital age, business disruptions are inevitable. However, the most successful organizations are those that can quickly adapt to system stressors and bounce back, thanks to their solid foundation of digital resilience. Despite this, unplanned downtime continues to challenge businesses, often exacting a significant toll.

The Financial Toll of Downtime

A recent report by Splunk, in partnership with Oxford Economics, has quantified the staggering cost of downtime for the Global 2000 companies, amounting to $400 billion annually. This translates to an average loss of $200 million per company per year, or roughly 9% of their profits. The true impact of downtime is multifaceted, encompassing both direct and hidden costs.

Direct Costs

The direct financial damages of downtime are extensive:

  • Lost Revenue: The biggest hit comes from lost revenue, which averages $49 million annually per company.
  • Regulatory Fines: On average, companies incur $22 million in regulatory fines each year.
  • Other Direct Costs: These include SLA penalties, settlement and legal costs, and expenses for brand trust campaigns.
Hidden Costs

Hidden costs are equally, if not more, damaging:

  • Market Cap Impact: Downtime can lead to a significant drop in stock prices.
  • Reputation Damage: It tarnishes the company’s brand and erodes customer and investor trust.
  • Operational Disruptions: Productivity plummets as teams shift focus from high-value tasks to crisis management.

Root Causes of Downtime

The sources of downtime are diverse, with cybersecurity issues (56%) and infrastructure or application problems (44%) being the primary culprits. Human error stands out as the leading cause, often exacerbated by complex modern development practices. Other significant causes include software and hardware failures, malware, and phishing attacks.

Strategies of Resilience Leaders

The report highlights the practices of the top 10% of companies, referred to as “resilience leaders,” who recover faster from downtime and suffer less financial damage. Key strategies include:

  • Investment in Technology: These leaders invest heavily in cybersecurity tools, infrastructure capacity, and cyber insurance.
  • Adoption of Generative AI: They leverage generative AI tools to address downtime, with significant benefits reported.
  • Proactive Approach: Resilience leaders focus on predictive analytics and cross-team visibility to prevent incidents.

Industry-Specific Impacts

The cost of downtime varies across industries, with retail suffering the most, followed by manufacturing and transportation. Downtime in one sector can also have cascading effects on others, such as financial services impacting retail and logistics.

Global Variation in Downtime Costs

Geographical location plays a role in downtime costs. U.S. companies face the highest costs due to lost revenue and SLA penalties, while companies in Africa and the Middle East spend more on ransomware and extortion payouts.


The report underscores the critical importance of digital resilience. To mitigate the substantial costs of downtime, organizations must invest smartly in technology, adopt a proactive approach to downtime management, and ensure comprehensive visibility across all teams. By doing so, they not only protect their bottom line but also enhance their long-term value and competitiveness.

Building resilience is not just about avoiding losses; it’s about positioning the organization to thrive even in the face of inevitable disruptions. As the digital landscape continues to evolve, so too must the strategies and tools that organizations deploy to safeguard their operations and ensure sustained success.

Stay updated with the latest from Apto

Subscribe now to receive monthly updates on all things SIEM.

We'll never send spam or sell your data, see our privacy policy

See how we can build your digital capability,
call us on +44(0)845 226 3351 or send us an email…