When we published the first Internet Resilience Report in 2024, the world was still reeling from the CrowdStrike outage that left airlines grounded and financial institutions scrambling. A year later, the stakes are even higher. The 2025 edition confirms what many of us already feel every day in IT Operations: resilience is no longer about uptime alone. It’s about protecting revenue, customer trust, and digital performance at scale.
One CIO we spoke with put it bluntly: “I don’t care if my systems are technically ‘up’. If my customers see the spinner, I’m losing money.” That sentiment echoes throughout this year’s data: slow is the new down.
According to the report, 73% of organizations say fast websites and applications are critical to success, and 42% say if apps are slow, they might as well be down. In a world where downtime costs millions per month, performance is no longer a “nice to have,” rather, it’s survival.
Key insights from the report
The 2025 Internet Resilience Report reveals how digital resilience has evolved from a technical metric into a board-level imperative, where speed, visibility, and accountability now define business survival. Here are the main insights:
#1. Performance is resilience
Resilience now has four dimensions: reachability, availability, reliability, and performance. The research depicts a clear shift in consumer behavior, where tolerance for sluggish apps is low, even if uptime looks perfect on paper.
#2 Best-of-breed monitoring is winning
73% of organizations use Internet Performance Monitoring (IPM), with a strong preference for purpose-built, best-of-breed tools over generic platforms. As one retail SRE lead told us, “Our APM kept saying everything was green, but customers couldn’t check out. Without IPM, we were blind.”
#3 AI resilience is a double-edged sword
AI now underpins Tier 1 applications, but outages or slowdowns are immediately felt by 57% of organizations. Meanwhile, 85% plan to increase AI investments in the next 18 months, showing just how central AI is becoming.
#4 Third-party dependencies can break resilience
74% say external providers are critical to digital success. Yet many orgs still rely on provider dashboards, which often underreport incidents. “We learned the hard way when our CDN went dark for 20 minutes — we knew before they did,” recalled one media company’s network architect.
#5 The cost of inaction is skyrocketing
More than half of respondents say internet disruptions now cost them over $1M per month. For 13%, the number exceeds $10M. Those aren’t IT costs; they’re boardroom-level risks.
The four pillars of observability in Internet resilience
Observability isn’t just about metrics and logs anymore. It’s the foundation for resilience. The four pillars that matter most in the Internet context are:
- Reachability: Can users access the service from where they are? This includes DNS, BGP, and global routing health.
- Availability: Is the service up and functioning as expected?
- Reliability: Will it work consistently, every time, across dependencies and providers?
- Performance: Is it fast enough to deliver seamless user experience?
These four dimensions map resilience from the outside-in, focusing not just on internal telemetry but on what customers actually experience. As the report notes, solely monitoring uptime is like checking if the lights are on while ignoring whether the doors are locked and the elevators are working.
Recommendations for IT Operations Teams
- Elevate performance monitoring.
Move beyond uptime SLAs. Define Experience Level Objectives (XLOs) to measure customer-facing performance. This reframes resilience in business terms: not just “up” or “down,” but “usable or not.”
- Adopt best-of-breed IPM.
One-size-fits-all monitoring leaves critical blind spots. Purpose-built IPM tools cover the full Internet Stack including DNS, WAN, BGP, CDN, and APIs to provide the outside-in visibility you need to stay ahead of Internet incidents.
- Don’t outsource accountability to third parties.
Monitor your providers independently. If your stack relies on a SaaS vendor, a CDN, or an AI API, assume they will fail and plan to detect and mitigate issues before your customers notice.
- Bake AI into resilience strategies.
Treat AI like any other Tier 1 dependency. Monitor it, test failovers, and plan for when it falters. The orgs winning in AI-driven ops are those combining AI investments with rigorous observability.
- Build the financial case.
Use the report’s data showing that 51% of organizations lose over $1M per month to position resilience spending as cost avoidance. It is easier to secure budget when leadership views it as preventing guaranteed losses.
- Clarify ownership of resilience.
Today, responsibility is scattered between CIOs, IT Ops, SREs, and business leaders. Use resilience as a catalyst to align IT and business around shared accountability for customer experience.
Final thoughts
Resilience is no longer a background process, rather, it’s the main event. The organizations that thrive in 2025 will be those that treat performance as core to resilience, adopt best-of-breed IPM, and prepare for a future where AI and third-party dependencies drive both innovation and fragility.
To borrow a line from a banking CTO we interviewed: “We don’t measure uptime anymore, we measure patience. And patience runs out in 3 seconds.”
If your monitoring stack isn’t designed for the Internet itself, you’re not resilient. You’re lucky. And luck isn’t a strategy.
Read the Internet Resilience Report 2025 (No registration required)
Summary
Uptime isn’t resilience anymore. The 2025 Internet Resilience Report shows that when every millisecond counts, performance is profit and “slow” means “down.” Discover why the strongest digital businesses monitor the entire Internet Stack, not just their own systems, to stay ahead of the next outage.
