From PSTN to Zero-Trust: My Journey in Cyber Security

OK, so here I sit, leaning back to my third coffee for the morning and banging away on the keyboard and up they come…memories of a time before….icons in one view but essentially starting as a network administrator all the way back in 1993 (scary I know). The days when voice and data over PSTN was cutting edge. So, fastforward to today, well i am the owner of my cyber security firm P J Networks Pvt Ltd, And that thrill supporting organizations secure their digital perimeters is still on. But first, let me rewind because I have some lessons learned and stories that I hope can help spare you the few headaches I still shake off.

History of terminating PSTN lines to zero-trust architectures

Back in the early 90s, I was that guy who had to juggle muxes (multiplexers for the uninitiated) where your voice and data shared the same pipes through PSTN. Fragile, slow and, well, just a tad like driving a 1960s car in the traffic of today. However, that formative experience taught me one of the most important principles in security: layered security well before it was cool to say so. You could not just close the door without checking who they were first.

First up was the Slammer worm in 2003–if you don’t quite remember, it almost took out big networks in matters of moments due to their SQL Server Exploits. I watched it unfold when entire networks went into what we call lockdown mode. And that was the problem: most people had not installed their patches. Lesson? Patch management isn’t glamorous. It’s tedious. However, it turns out that ignoring this piece opens up a goldmine for attackers.

Fast forward to today — over this past month alone, I have been assisting three of the biggest banks with their zero-trust architecture uplift. That is to say, no more trust but verify. It’s never trust. She is so scrutinised about everything and anything rivacy This is no longer the same game of perimeter defenses playing cyber-roadster, in part since the move from a zero-trust defense to going golden age rolling with some guy down PSTN boulevard at 35 mph is much more costly and difficult.

DefCon: The Hardware Hacking Buzz

Still coming down from DefCon; feeling the buzz. The hardware hacking village BLEW MY MIND. All the converse about software but seeing physical vulnerabilities on networking devices, routers and firewalls drove home one thing: the toughest firewall isn’t going to save you when someone plugs in a compromised device behind it. This is one of the topics many security pros simply gloss right over.

Here’s what stuck with me:

  • Hardware is Slow for Link. Firewalls are actually quite impermeable, but you would be surprised at the number of devices still shipping with default passwords (great!!!). ports of debug wide open, or massively insecure debug ports.
  • Physical access means having full control In short, it is akin to leaving your car with the keys in ignition. In short, the anti-theft system be damned. The whole stack must be secured
  • IoT and connected devices have just made the game more complex. Every smart device is a potential backdoor.

Related Security Tips

  • Patch your systems religiously
  • Leverage Zero trust security practices — more so in the sectors demanding, e.g banking
  • Do not forget about additional physical security for hardware
  • The security claim really is AI-powered: Be extremely doubtful about any of these. Most are just marketings BS

The Never-Ending Password Policy Debate

Alright, I had to get that out of my system a little. Password policies are broken. I get it. You can use such recommended options as complex passwords, frequent reset of the password or also multi-factor authentication. But 20-character alphabet soup passwords that expire every week? Ineffective and annoying.

Here’s the thing:

  • Complex password policies are despised by users because they are unrealistic.
  • It results in password reuse, sticky notes on monitors or worse
  • Make sure you use Multi-Factor Authentication (MFA), every single place you can

But I have seen companies that spent millions on fancy password vaults only to watch their employees write passcodes on a Post-it Note. Closing thoughts: Focus more on usability/security Humans Not Robots — Your users are humans.

Practical Wisdom Right From My Desk

Based on my experience consulting with defense firms and especially financial institutions, I offer a few hard-won best practices:

  1. Layered Security is non-negotiable.
    Firewalls aren’t enough anymore Endpoint + intrusion detection + behavioral analytics
  2. Zero-Trust is not just a buzzword; plan it step by step
    Taking the first step – dividing your network – Authenticate and authorize continuously
  3. Check the hardware; both physical and digital.
    LOOK FOR DEFAULT PASSWORD ON DEVICES Physical access: routinely audit physical entry points
  4. Patch everything—even legacy systems.
    If you Can not Patch,Segment – Prioritize based on criticality
  5. Educate your team.
    Tech meh: The worst tech failures of 2018- The best tech fails without human beings Phishing simulations and training − AssemblyCopyright by/\subseteq 2018 Medium.

Still Skeptical of AI-Powered Security?

Look, I get the hype. AI sounds magical. But at the end of the day, it’s often little more than reams of compiled data squeezed through algorithms an even moderately talented hacker can manipulate. Again, I am not trying to say AI has no rightful place but what I believe is it might probably be the magic bullet that many vendors are advertising.

This is NOT actual security: Security, like an ogre — or democracy — has layers(outdated pop culture reference, I know) Someone who truly loves information security. Even the best AI detection tool does not always impress as much as the gut feeling of an old-school expert.

Close: From Old School to Cutting Edge

Or as a brief summary: this is how the evolution from me as an early network admin… managing PSTN muxes and surviving worms like Slammer, to I led zero-trust implementations for banks (not joking) and went to DefCon hardware hacking village (very not joking). And in safety, as in any industry, your weakest link is your weak link.

Remember:

  • Don’t get lazy with patches
  • We are cautious but reasonable about the use of passwords
  • Yes To NoTrust; It Takes Time to Implement
  • Do not jump straightway to purchase of AI solutions
  • And never forget the physical security of your hardware

This is not only a theory – I use it for my clients literally every day and making me sleep well knowing that their applications are harder to hack than generally developed with popular practices. Tech can feel like the biggest recipe of them all — just enough RIGHT ingredients, mixed and doctored accordingly with a touch of experience here and there. Oh, and you just might burn the sauce. They will never end you will just keep learning and tweaking.

And again, thanks for withstand-ing my caffinated ramble. Its quite a long road to achieving cyber peace of mind, but it is worth the effort for anyone who still believes they can achieve that. Stay sharp.

Leave a Reply

Your email address will not be published. Required fields are marked *

This field is required.

This field is required.

sales@pjnetworks.com
(+91)9818361787
C-160 Mayapuri Ph II
Copyright © 2025 PJ Networks: Innovative Networking & Cybersecurity Experts, All Rights Reserved.