オートメーションサイバーセキュリティ

High Stakes Drive Emerging Network Resilience Needs

2024年12月17日 · 3 min read

Surging spikes in network outages, increased complexity, and mission-critical workloads are spurring industries to prioritize operational resilience to respond and recover effectively when trouble strikes. Comprehensive, continuous, and automated testing is essential for ensuring network operational resilience.

News headlines have highlighted the exponential increase in network outages. No mission-critical industry has been spared as cyberattacks, struggling legacy ICT systems, and failed network upgrades plague sectors like telecom, banking, transportation, energy, and beyond.

In particular, cybersecurity attacks and ransomware breaches are inflicting devastating impacts.

In 2023, ransomware payments exceeded $1.1 billion—a 140% increase from the previous year. The largest known ransomware payment to date came during 2024, reaching a staggering $75 million.

A financial toll is just the beginning. Companies face an average recovery time of 24 days after basic ransomware breaches. More nefarious and deep breaches can take over six months to resolve. This lack of operational resilience has consequences far beyond financial losses, including reputational damage, loss of competitiveness, and even business sustainability.

It’s not for lack of planning. But the reality is many disaster recovery and business continuity strategies comprise paper exercises, or simplistic, non-realistic point-in-time simulations. When a network goes down or is breached, protect-and-detect approaches too often prove devastatingly inadequate.

Frequent outages and the rising complexity of business-critical networks are driving industries to prioritize operational resilience, ensuring they can quickly detect, respond to, and recover from incidents.

Reaching new levels of operational resilience

Forward-looking operational resilience addresses preparedness and adaptability while putting a relentless focus on continuity protocols that enable organizations to "bend, not break" when disruptions occur.

The next generation of operational resilience strategies take a proactive and holistic approach to identifying risks, mitigating vulnerabilities, and continuously testing and ensuring that systems, people, and processes can effectively recover and adapt when faced with challenges.

Modern operational resilience strategies include risk assessments, business continuity planning, incident response, disaster recovery, and cyber hygiene. Resilience testing is critical for identifying vulnerabilities, ensuring systems perform under stress, and validating recovery strategies.

As networks evolve and threats grow, resilience testing must be continuous, not a one-time effort. Comprehensive, automated testing is essential for achieving and maintaining operational resilience.

State-of-the-art operational resilience testing:

Improves uptime by identifying and mitigating risks that lead to outages
Speeds recovery by ensuring recovery plans are realistic, executable, deliver relevant outcomes, and minimize downtime
Reduces costs by detecting and fixing vulnerabilities early to avoid expensive disruptions or breaches later

Comprehensive, automated testing is essential for achieving and maintaining operational resilience.

Operational resilience testing methodologies

A range of testing methodologies are used to deliver these benefits:

Vulnerability testing, like penetration tests, simulate real-world attack scenarios to help identify exploitable weaknesses in network configurations, software, or hardware, such as using Day-0 scenarios and evasion techniques to test firewalls and intrusion detection and prevention systems.
Load testing reveals performance bottlenecks, capacity issues, or points of failure by emulating large-scale DDoS to validate the network's ability to absorb and mitigate volumetric attacks.
Chaos testing intentionally injects failures into the network during testing to determine how systems behave under adverse conditions, enabling teams to build more robust recovery strategies. This is becoming even more important in cloud-native environments to ensure network functions are resilient to underpinning issues.
High availability testing ensures that failover systems, such as redundant servers or links, activate seamlessly when primary systems fail.
Disaster recovery testing verifies that recovery systems work and perform as intended, and services can be restored within acceptable timeframes. This includes testing to ensure systems can restart and synchronize without errors or introducing issues.
Geo-redundancy testing validates that geographically distributed systems can maintain operations during localized outages.
Protocol testing verifies the robustness of communication protocols like IPv4 and IPv6, ensuring resilience under extreme conditions.
Patch and update testing validates that change management updates don’t introduce vulnerabilities, break existing functionality, or degrade performance, such as the fallout that occurred following the CrowdStrike software update that caused one of the largest ever IT outages.
Regulatory and compliance testing helps ensure networks meet compliance standards, avoiding penalties and ensuring trustworthiness.

A framework for operational resilience testing

Continuous testing executes operational resilience testing methodologies in an automated test framework that can be seamlessly integrated into operational workflows, including CI/CD pipelines and disaster recovery processes. The results are also essential to document regulatory compliance.

Operational Resilience-Test Methodologies

Automation is a cornerstone of operational resilience testing, keeping organizations ahead of the curve in a fast-evolving technology and threat landscape. It also accelerates the process, ensuring robust operational resilience and realistic business continuity plans.

By integrating automation across the testing methodologies, businesses can cost-efficiently enhance resilience, ensuring an ability to withstand disruptions and continue delivering critical services. Automation can also accelerate compliance testing time, reduce risk, and free teams to focus on revenue-generating innovation.

Our recent blog discusses automation strategies to avoid finance’s next major meltdown and to satisfy the growing number of regulatory compliance requirements, including regular operational resilience testing, to ensure ICT systems can withstand cyberattacks and disruptions.

Drill down into network and security testing for financial services to safeguard services, ensure regulatory compliance, and achieve breakthrough productivity. Learn more in our webinar on Building Resilient and Compliant Enterprise Networks with Automated Security Testing.

コンテンツはいかがでしたか？

こちらで当社のブログをご購読ください。

ブログニュースレターの購読

タグ: 5G, 保証, オートメーション, クラウドと仮想化, Communication, サイバーセキュリティ, Devices + Services, 企業, Government, Defense & Aerospace, IoT, モバイルネットワーク, SD-WAN, Spirentのサービス, Wi-Fi

Stephen Douglas

市場戦略統括

Spirent is a global leader in automated test and assurance for the ICT industry and Stephen heads Spirents market strategy organization developing Spirents strategy, helping to define market positioning, future growth opportunities, and new innovative solutions. Stephen also leads Spirent’s strategic initiatives for 5G and future networks and represents Spirent on a number of Industry and Government advisory boards. With over 25 years’ experience in telecommunications Stephen has been at the cutting edge of next generation technologies and has worked across the industry with service providers, network equipment manufacturers and start-ups, helping them drive innovation and transformation.