Eric Hutchinson's goals as CEO of Spirent are nothing if not ambitious. He is seeking to not only move the long-time testing and assurance vendor into a new strategic role but also to transform its internal culture and capitalize on its expertise in critical areas such as the 5G rollout and cybersecurity.

In the first of a two-part CXO Q&A, Hutchinson discussed Spirent Communications plc 's 5G success and the changing relationship the company has with its customers. In this second part, he explains more about Spirent's plans for the cybersecurity realm, how the company is addressing machine learning/artificial intelligence and how the strategic changes are making engineers more warm and fuzzy. Oh, and also how Spirent saved one large carrier customer tens of millions of dollars using its VisionWorks system.

Carol Wilson: How long has Spirent been engaged in cybersecurity?

Eric Hutchinson : On security testing, we've been working with the guys who've developed firewalls for over a decade. It's the same concept as our regular business -- we simulate the network environment, but in this case, it will be peppered with malware and scale attacks so that the companies like Palo Alto Networks, for example, can get an emulation of real-world traffic. We've been working at scale with real-world emulation with the firewall developers.

CW: How is that changing?

EH: What the team has done now is, they've taken that deep expertise and turned it into a software-based tool that now can be run in a live network deployment. We're bringing the same level of scale and realism that we've been doing for the firewall developers and now allowing the enterprise and service provider customers to run that same simulation on their own live network deployment. Clearly, they need to do that carefully and in a very controlled way, because it can take their network down. It enables them to do continuous security testing because your security is only as good as the last test you ran.

Figure 1: Spirent CEO Eric Hutchinson

Cybersecurity fundamentally is not different. There are constantly new challenges coming up, so we update with any new attacks we've added to our database, we send an update to our customers. They've all got that within 24 hours of anything happening. The benefit here is that we're enabling security officers to eliminate the need for up to about ten different point solutions bringing it into an automated test process.

Not only does it give them greater scale and realism, it's also giving them a way to get the benefits of automation. It doesn't matter who you are, you're still working with a limit on your resources in some form, either to get the count of people or to get the dollars to pay for it.

CW: Cybersecurity folks are talking a lot about using analytics and automation to constantly look for patterns of network behavior that might predict cyber attacks, based on signatures of past attacks and more. Are you part of that process?

EH: We are on a path where we're adding more data analytics to the system. We're not all the way there. Where we are is based on requirements, constantly being right up-to-date with the real threats, and we're focusing on financial services, healthcare organizations as our two primary markets. Then we're looking to see what value we can add.

How will service providers enable automated and efficient network operations to support NFV & SDN? Find the answers at Light Reading's Software-Defined Operations & the Autonomous Network event in London, November 7-8. Take advantage of this opportunity to learn from and network with industry experts – communications service providers get in free!

We're just bringing out a new concept of testing data breaches. This is where somebody is actually testing whether the network can prevent the entry. We're able to, through emulation of the stuff that's being sent out of your network, show people [whether or not] they've got protections to detect when data and information is being sent out from their network which is not authorized. We're developing a new system deployment which will be launching at the end of this year, but we're already beginning to show it to select customers at the moment. That's really getting a lot of interest, particularly in financial services.

We're showing them in advance of [a data breach] actually happening, where their network is vulnerable to that taking place so they can prevent it happening in the first place.

Closed loop service assurance

CW: Changing subjects, Spirent has been talking for some time about service assurance in the virtual world and the need for closed-loop service assurance. Where are you with that?

EH: The way that service assurance is done traditionally is by passive monitoring and huge big data analytics. You're pulling everything that's happening in the network, analyzing it, looking at patterns, looking at behaviors, looking at traffic loading and getting a read-back. As you move into a virtual world, that becomes less valuable because as you say, the way that the traffic is running through a virtual network is not predictive. It takes a different path.

We came up with this concept of VisionWorks, which is taking our test automation tool software system that's running in live networks, and our ability to test mobile infrastructure at the basestation and beyond to the individual subscriber, and both capture what's happening but also, then simulate traffic through the network to an end-point. That's taking our test automation software and it's taking our data analytics and bundling that together so that we can then run active tests.

So when the service is turned up to a large enterprise customer across a virtual network, the service provider is now able to automatically send a test through to verify the quality of that service and they can re-run those tests at any time to verify the quality of that service to the end customer. This has really enabled them to revolutionize the way that they are monitoring the quality of their services.

We have a very large Tier 1 service provider that has services deployed to enterprise customers, all under contract, all under service level agreements. [Using] skilled engineers with specialized tools, they could only cover 7% of their customers and they could only test those customers a few times a day on the quality of service, but 93% of their customers they couldn't test. So they were getting challenges on the service level they were delivering. They had no way of countering those claims. They were paying out multi-million-dollar penalties onto their contracts.

CW: And you could help them automate that process and do better?

EH: After they deployed our system, they were able to cover 100% of their customer base and they could run those tests against customers every 15 minutes. We saved them tens of millions just in those penalties under the SLA contracts, let alone anything else in the efficiency and the use of their own engineering staff.

As we look out the networks and different services, we have a different use case for whole series of other service provisions. We'll continue to develop more of those use cases.

Next page: AI, machine learning and culture change CW: We hear a lot about artificial intelligence and machine learning. From your perspective, is this still hype or are you actually seeing this at work in service provider networks? If so, where?

EH: We've really been seeing machine learning starting to come through. That's really based upon all of the analytics processes that are going on. That's enabling some of the machine-learning processes to start to be used to develop more robust or effective systems, high quality. Artificial intelligence is very much just being discussed, talked about. We're all trying to understand how that could be built in and used. If you like that hype, that's more hype. These are still relatively early days.

CW: What do you see as the barriers to using artificial intelligence? Is it just the systems aren't available yet or it's not clear how it could be used?

EH: Think about what happens today. We're presenting the results of myriad different monitoring systems and data. At the moment, the only way to make sense of [potential next steps] is having a highly experienced expert looking at some of these results and then saying, "Okay, the next thing we should be doing is we should be looking at these basestations in a certain area or we should be looking at certain network elements." It's partly because that expert has seen that before and thinks that's where it's going to be, but doesn't really know. [The expert's] data input doesn't provide clear guidelines. Artificial intelligence will replace that human intervention into the process. That's where the value's going to come from, but those systems haven't been developed yet.

CW: Finally, circling back to where we started with your new strategic initiative. What's been the reaction in the industry?

EH: The reaction is it's a fresh approach. It's different. One of the challenges in our industry is that if you look at everything that everybody says, if you remove the company name and the logos and maybe some of the colors, you find it a real challenge to work out who is who. We all sound the same. This is a fresh approach. It's looking at the business requirements. It's elevating the conversation to a different level. We're starting to get some very positive feedback from it in the way that it's being perceived by customers, potential customers and indeed our own people.

Now entering its fifth year, the 2020 Vision Executive Summit is an exclusive meeting of global CSP executives focused on navigating the disruptive forces at work in telecom today. Join us in Lisbon on December 4-6 to meet with fellow experts as we define the future of next-gen communications and how to make it profitable.

CW: What about internally? Are you changing the internal culture at Spirent?

EH: We're having different discussions internally. We're going out of our way to put our people through different development training processes. We've got select people that we're bringing through and may start to have a different dialogue with our customers but also internally. We're changing the way that we talk about the business to our own people. It's very much about bringing clarity to customer complexity. For a long time, a lot of our people were very much focused on the technology, what they're doing about the technology and less about what it really means to the customer at the end of the day.

We are having the dialogue to raise our profile with customers who've known us for a long time for leadership in testing. Now we've got customers, directors, boards starting to recognize us helping customers. You resonate, I guess, on a more human level with people. There's a bit more of an emotional feedback process as opposed to a very technical one. The engineering world is becoming maybe a bit more human. Gosh, that's a claim, isn't it?

CW: Last question: Spirent has been known for doing acquisitions -- are there specific areas of expertise you are still looking to acquire or do you feel like you've got what you need?

EH: In terms of realizing our strategy, I don't have to acquire the technology or a capability or a footprint, but at some stage we might want to accelerate the expansion by maybe merging with some companies that are closely adjacent so that we would expand our capability, particularly across the service assurance market in more performance management, maybe deep fault management capability, for example. On service assurance, we're very much a North American-based business. Acquiring a business that's got a bigger footprint in Europe, Middle East or parts of Asia, that could make business sense. But at the moment I don't feel the need to go acquire something in order to be successful with our strategic direction.

— Carol Wilson, Editor-at-Large, Light Reading