Formal observability strategy helps detect threats

Sheila Zabeu

June 17, 2024

Companies with a formal observability strategy are 3.5 times more likely to detect incidents more quickly than those without one. This approach not only reduces detection time, but also generates other benefits, for example in the areas of security (83 per cent), faster advances in products/services (82 per cent) and better levels of compliance (78 per cent).

The conclusions come from Viavi Solutions' “2024/25 State of the Network” study. The survey included 754 respondents from 10 countries (Australia, Brazil, Canada, France, Germany, Mexico, New Zealand, Singapore, the United Kingdom and the United States) and focused on the evolution of network performance and security tools over the last 16 years, assessing the impacts on observability and the security posture of companies.

According to the report, 95% of the organisations interviewed are already moving to more comprehensive network observability strategies. Observability processes provide in-depth insights into network behaviour, performance and health by collecting, analysing and presenting data to facilitate action by administrators in real time.

Viavi warns that, unlike traditional monitoring, which focuses mainly on identifying and alerting on predefined problems, observability makes it possible to detect, understand and resolve incidents proactively and in real time in order to manage network performance, improve problem resolution and raise user satisfaction levels.

The study notes that the monitoring tools market itself is moving in the direction of observability, but the adoption of these new offerings by companies needs to be accompanied by a clearly articulated strategy, with the definition of objectives in various domains.

The report also underlined the need for continuous threat exposure management (CTEM), with 88% of organisations highlighting the urgency of improving their threat management capabilities. By integrating CTEM tools with attack surface management, organisations can improve their security posture and operational resilience. Viavi comments that CTEM programmes are gaining momentum, second only to patch management and vulnerability assessments among current threat exposure management methods.

“Organisations are increasingly recognising the transformative impact of observability on network management and security. This report demonstrates a clear trend towards observability, not only as a way of improving security, achieving compliance objectives and detecting incidents, but also as an important factor for business,” says Chris Labac, vice president and general manager of network performance and threat solutions at Viavi.

Among the report’s main revelations are the following figures:

  • Reduction in incident detection time: Organisations that have a formal observability strategy are 3.5 times more likely to report incidents causing downtime more quickly.
  • More security: 83 per cent of companies with observability strategies have improved security.
  • More compliance: 78% of organisations have better compliance processes when they have a formal observability strategy.
  • Need for CTEM: 88% of organisations report needing to improve their threat management capabilities.

What tools are currently being used?

There are many types and applications of monitoring tools, generally divided by infrastructure layer or operational goals. Of the seven main categories considered by the study, all were used by the vast majority of respondents – 82 per cent reported using network performance monitoring (NPM) and 78 per cent reported using security information and event management (SIEM) tools. Other less common tools were asset/inventory management (58 per cent) and log management (56 per cent), but they were still used by a considerable proportion of the companies surveyed.

While having more tools can help improve network visibility, integrating them with new technologies and services can become a problem. According to the study, companies with more than 10 tools were 64% more likely to face difficulties with comprehensive or automated analyses using machine learning and AIOps. Overall, the negative aspects of the high number of tools outweigh the benefits for most organisations, the survey concludes.