Why the Network Needs a Proof Layer Before the Agents Arrive
Why the Network Needs a Proof Layer Before the Agents Arrive
https://www.cybersecurity-insiders.com/why-the-network-needs-a-proof-layer-before-the-agents-arrive/
Publish Date: 2026-05-23 04:54:00
Source Domain: www.cybersecurity-insiders.com
In a recent Cybersecurity Insiders interview, Tufin’s Erez Tadmor, Global Field CTO, and Sagi Bar-Zvi, VP of Sales Engineering and Customer Success, discussed why network security has become harder to prove even as organizations add more controls. Their central point is simple: most enterprises have policies, tools, and segmentation plans, but far fewer can show whether those controls still produce the intended posture across the live network.
Behind that disconnect is a practical question CISOs increasingly have to answer under pressure: does the network actually enforce the security posture the organization believes it has?
Erez Tadmor, Field CTO at Tufin, put the architectural problem in one sentence. “Each individual control may look reasonable in isolation, but if you look at it from an overall posture perspective, you may still violate the intended policy,” he said.
The controls may exist. The policy may be approved. The segmentation diagram may look right. The missing answer is whether the live network still behaves that way.
“They want to know if the organization is exposed in ways that they don’t understand,” Tadmor said. “They may phrase it differently. They may ask, can any critical systems within the network be accessed? Does the segmentation plan that we all worked on together actually hold?”
The data behind those questions is unflattering. A 2026 Cybersecurity Insiders survey of more than 600 practitioners found that only 11% can confidently report east-west segmentation posture on demand, while 58% said they cannot. Confidence drops further across cloud networks (35% not confident) and remote access environments (46%).
Sagi Bar-Zvi, VP of Sales Engineering and Customer Success at Tufin, said the question of whether the network is actually doing what it should be doing comes up constantly. “They spend a lot of time hardening their environment, spending budgets on devices, firewalls, segmentation. But when…
