My Journey in Cybersecurity and the Evolution of Zero Trust Architecture

Here I am, sitting at my desk after a third cup of coffee, coming off the rails but still OK enough to put thoughts together.

Early Days as a Network Admin

My journey began in ’93 as a lowly network admin. Back then dial-up was king, and networking often meant fighting with those ginormous muxes juggling voice and data traffic over PSTN lines. Man, those were the days. You had to know, and I mean really know, your gear, because nothing was going to be fixed for you with some fancy patch or update overnight. It was very much hands-on, it was relentless, and honestly there was not much room for forgiveness. You made a mistake and you knew it right away.

Facing the Slammer Worm

Then, several years later in the early 2000s, I was up close and personal with one of the most infamous worms of all time: Slammer. That little beast spread like a sneeze in a crowded room, faster than anyone could imagine. I recall those panicked hours racing around trying to put out the fire and patching a compromised system at the last minute, forced into the realization that even the best networks could be broadsided by the rankest fundamental misstep. The kicker: back then, nobody talked about zero trust. The mindset was simply to trust everything inside your perimeter. Dumb, yeah? But it was the standard.

Current Role and Zero Trust Architecture Upgrade

Today I have the pleasure of running my own cybersecurity shop, which lets me turn that old mindset on its head. Most recently I was in my own hometown helping three banks upgrade to a zero-trust architecture, reasonably by the book, and as strict and rigorous as that is, it was such a relief. I am still hung up, though, on how we, the people, can be the bottleneck. Regardless of how fancy your firewall or intrusion detection system is, one split-second lapse at an endpoint and boom.

Quick Take

  • Began as a network admin managing muxes over PSTN in 1993
  • Worked through the Slammer worm havoc
  • Now helping three banks through a large-scale upgrade to zero trust

I’m still kind of in DefCon hardware-hacking-village mode. I am going to simplify this for veteran and newcomer alike.

What I’ve Learned (or Found Out the Hard Way)

Patch 1.2.3: can you even imagine applying that patch and holding your breath?

Slow Down, You Move Too Fast: The Slammer Worm and a Lesson in Actionable Observability. Speed and visibility save lives, network lives anyway, and that speed only works if you have good, timely intel from your network. Having been on the consulting side for 10 years, I have seen way too many environments where patching is a quarterly joke and users have admin rights on their machines. It is like giving someone the keys to a racecar and not telling them they need to wear a helmet.

Here’s the thing about zero-trust:

  • It is not just a buzzword or a checkbox on an audit
  • Never take trust for granted, even behind the firewall
  • It requires a level of granularity and real-time analytics that most deployments have fallen well short of in practice
  • Specific to UMA: no access without continuous authentication and verification in place

Hey, this was not an easy rollout with the banks, as old legacy systems fought the new beat in many places! Firewalls? Sure, they are still essential, but coupled with micro-segmentation and tightly controlled endpoints. No more once-you’re-in-you’re-good-to-go mentality. The firewall is no longer the castle moat; it’s a road stop with cameras, police and dogs.
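To make the "never take trust for granted, even behind the firewall" and micro-segmentation points concrete, here is a small policy decision point written as an added illustration for this post. It is not P J Networks code and not what was deployed at the banks. Every request is judged on session freshness, device posture and role; the source address is logged for the SOC but is never a grant. All sessions, devices, roles and policy rows are constructed sample data, and the service names and posture fields are assumptions standing in for whatever your IdP, endpoint agent and policy store actually expose.

```python
"""Minimal zero-trust policy decision point.

Added illustration, not P J Networks code. Every request is judged on session
freshness, device posture and role; the source network is recorded for audit
but never grants access. Sessions, devices, roles and policy rows below are
constructed sample data (a real deployment reads them from the IdP, the
endpoint agent and the policy store)."""
import ipaddress
import time
from dataclasses import dataclass

# Constructed session store: token -> (user, issued_at as epoch seconds)
SESSIONS = {
    "tok-alice-1": ("alice", 1_700_000_000),
    "tok-bob-9": ("bob", 1_700_000_000),
}

# Constructed device inventory: device_id -> posture reported by the endpoint agent
DEVICES = {
    "lap-0042": {"owner": "alice", "disk_encrypted": True, "edr_healthy": True, "patch_age_days": 3},
    "lap-0077": {"owner": "bob", "disk_encrypted": True, "edr_healthy": False, "patch_age_days": 40},
    "ws-0101": {"owner": "bob", "disk_encrypted": True, "edr_healthy": True, "patch_age_days": 5},
}

ROLES = {"alice": {"teller"}, "bob": {"marketing"}}

# Constructed micro-segmentation policy. Note what is absent: there is no
# "allow if src in 10.0.0.0/8" row. Being inside the perimeter is not an identity.
POLICY = {
    "core-banking-api": {"roles": {"teller", "ops"}, "max_session_age_s": 900, "max_patch_age_days": 14},
    "wiki": {"roles": {"teller", "ops", "marketing"}, "max_session_age_s": 28800, "max_patch_age_days": 30},
}


@dataclass
class Request:
    token: str
    device_id: str
    src_ip: str
    service: str
    now: float  # evaluation time, injected so the decision is reproducible


def decide(req: Request) -> tuple[bool, str]:
    """Return (allowed, reason). Every check must pass; nothing is implicitly trusted."""
    rule = POLICY.get(req.service)
    if rule is None:
        return False, "unknown service"
    sess = SESSIONS.get(req.token)
    if sess is None:
        return False, "no valid session"
    user, issued_at = sess
    # Continuous verification: a session older than the service's window must re-authenticate
    if req.now - issued_at > rule["max_session_age_s"]:
        return False, "session older than re-auth window"
    dev = DEVICES.get(req.device_id)
    if dev is None or dev["owner"] != user:
        return False, "device not enrolled to this user"
    if not (dev["disk_encrypted"] and dev["edr_healthy"]):
        return False, "device posture failed"
    if dev["patch_age_days"] > rule["max_patch_age_days"]:
        return False, "device patch level too old for this service"
    if not ROLES.get(user, set()) & rule["roles"]:
        return False, "role not permitted for service"
    return True, "ok"


def audit_line(req: Request, verdict: tuple[bool, str]) -> str:
    """The source IP shows up here, as context for the SOC, and nowhere in decide()."""
    inside = ipaddress.ip_address(req.src_ip) in ipaddress.ip_network("10.0.0.0/8")
    allowed, reason = verdict
    return (f"{req.service} token={req.token} dev={req.device_id} src={req.src_ip} "
            f"inside={inside} allowed={allowed} reason={reason}")


if __name__ == "__main__":
    # A request from "inside" the network on an unhealthy laptop: denied on posture, not on address
    r = Request("tok-bob-9", "lap-0077", "10.1.2.3", "wiki", now=1_700_000_100)
    print(audit_line(r, decide(r)))
```

The point to notice is the order of checks: an internal address on a laptop with a dead EDR agent is refused, while the same user from a public address on a healthy, enrolled workstation gets through to the services their role permits. The per-service session window is what turns "logged in this morning" into continuous verification for the sensitive segment.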

Thoughts on AI in Cybersecurity

Well, as you saw above, I am also skeptical of the shiny new toys that are called AI-powered. Hype is a word that fits easily alongside all the others in the data center. While AI will help, I think it is really just pattern matching at scale. It is a tool, not a magic wand that solves every defect. Your security posture depends on fundamentals: good hygiene, education, and sensible architecture.

What We Learned at DefCon: Hardware Hacking and Why It Is Important

Fresh off the wire from the hardware hacking village at DefCon: physical security and hardware-level flaws are the wildcards in a world that is drowning in software vulnerabilities. If you’re not thinking about protecting your hardware attack surface, you’ve basically left the back door wide open for this type of exploitation: USB sticks with hidden chips; IoT devices that fold like marshmallows.

Thinking it over, I realized something very important:

  • Hardware attacks are the ones your own firewall cannot even recognize
  • The firmware on your routers and switches is a soft spot
  • Physical access means somebody can bypass all of your fancy software rules

So here’s what I recommend:

  • Always perform hardware audits
  • Implement firmware integrity checks
  • Give your teams physical security training
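Firmware integrity checks are easy to describe and easy to get subtly wrong, so here is an added example of what one looks like in practice. This is illustration code written for this post, not a P J Networks tool and not anything specific to the banks. The idea: record golden SHA-256 hashes of each image from a freshly provisioned box, authenticate that record with a key that lives on the verifier rather than the device (otherwise whoever modifies the firmware also edits the baseline), then on every audit recompute and diff. The image names, the blobs and the key are constructed stand-ins; a real key belongs in an HSM or secret store, and the baseline record should be kept off-box.

```python
"""Firmware integrity check against an authenticated baseline.

Added illustration, not P J Networks code. The baseline is {image: sha256}
plus an HMAC computed with a key held by the verifier, not by the device.
All images and the key below are constructed sample data."""
import hashlib
import hmac
import json


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_baseline(images: dict[str, bytes], key: bytes) -> dict:
    """Record golden hashes from a known-good device and MAC the record so it cannot be edited silently."""
    hashes = {name: sha256_hex(blob) for name, blob in sorted(images.items())}
    body = json.dumps(hashes, sort_keys=True).encode()
    return {"hashes": hashes, "mac": hmac.new(key, body, "sha256").hexdigest()}


def verify_firmware(images: dict[str, bytes], baseline: dict, key: bytes) -> list[str]:
    """Return a list of findings; an empty list means every image matches the golden baseline."""
    # First make sure the baseline itself is the one we wrote, not one the attacker rewrote
    body = json.dumps(baseline["hashes"], sort_keys=True).encode()
    expected_mac = hmac.new(key, body, "sha256").hexdigest()
    if not hmac.compare_digest(expected_mac, baseline["mac"]):
        return ["baseline record tampered or wrong key; refusing to trust it"]

    findings = []
    expected = baseline["hashes"]
    for name, blob in images.items():
        if name not in expected:
            findings.append(f"{name}: not in baseline (unexpected image)")
        elif not hmac.compare_digest(sha256_hex(blob), expected[name]):
            findings.append(f"{name}: hash mismatch (modified firmware)")
    for name in expected:
        if name not in images:
            findings.append(f"{name}: missing from device")
    return findings


# Constructed sample: two images as captured from a router at provisioning time
GOLDEN_IMAGES = {
    "bootloader.bin": b"\x7fELF-bootloader-v1.2.3",
    "switch-os.bin": b"\x7fELF-switchos-v9.1",
}
# Constructed key; in production this lives in the verifier's HSM or secret store, never on the device
VERIFIER_KEY = b"held-off-box-by-the-verifier"

BASELINE = build_baseline(GOLDEN_IMAGES, VERIFIER_KEY)


if __name__ == "__main__":
    # Simulate a device whose switch OS image has been altered by one byte
    tampered = dict(GOLDEN_IMAGES)
    tampered["switch-os.bin"] = GOLDEN_IMAGES["switch-os.bin"] + b"\x00"
    for finding in verify_firmware(tampered, BASELINE, VERIFIER_KEY):
        print(finding)
```

Two habits carried by this code are worth keeping even if you use a vendor tool instead: compare hashes with a constant-time function, and treat a baseline that fails its own MAC as a finding in its own right rather than a reason to skip the check.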

Yes, you read that right. Securing a network without hardware checks on ALL your nodes is like a soufflé in a badly configured oven. It’s going to collapse.

A Rant About Password Policies (And Why Someone Needs To Say It)

Brace yourself. We all know what a pain password policies are: complexity requirements, changes every 90 days, and so on. However, as someone who has witnessed a password reset or two in my time, let me tell you something only some of the pros know:

  • They mostly frustrate users
  • They produce weaker passwords (hi, Password1!)
  • They generate more support tickets than they stop actual breaches

Stop the madness.

What works better?

If you have to remember passwords, the most secure alternative is to use a memorable passphrase.
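To show why the passphrase advice beats the complexity checkbox, here is an added example, written for this post rather than taken from the author or from any product. It implements the classic "8+ characters with upper, lower, digit and symbol" rule, generates a random passphrase, and puts numbers on both. The 16-word list is a constructed stand-in; a real generator uses a large list such as the EFF long list, whose 7776-word size is used in the entropy comparison.

```python
"""Legacy complexity rule versus random passphrases.

Added illustration, not the author's code. SAMPLE_WORDLIST is a constructed
16-word stand-in; a real generator draws from a large published list."""
import math
import secrets

SAMPLE_WORDLIST = [
    "apple", "banjo", "cobalt", "delta", "ember", "falcon", "glacier", "harbor",
    "island", "juniper", "kettle", "lantern", "meadow", "nickel", "orbit", "pepper",
]


def passes_legacy_policy(pw: str) -> bool:
    """The classic rule: 8+ characters, at least one upper, lower, digit and symbol."""
    return (
        len(pw) >= 8
        and any(c.isupper() for c in pw)
        and any(c.islower() for c in pw)
        and any(c.isdigit() for c in pw)
        and any(not c.isalnum() for c in pw)
    )


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random sequence of `length` symbols drawn from `alphabet_size` choices."""
    return length * math.log2(alphabet_size)


def make_passphrase(words: list[str], n: int = 5, sep: str = "-") -> str:
    """Draw n words with the CSPRNG; secrets.choice, not random.choice."""
    return sep.join(secrets.choice(words) for _ in range(n))


def compare_policies() -> dict[str, float]:
    """Best case for each policy: the secret is chosen uniformly at random.

    Human-chosen complexity passwords (Password1!) sit far below the first
    number; the passphrase number is what a generator actually delivers."""
    return {
        "complex_8char_random": entropy_bits(94, 8),   # 94 printable ASCII characters
        "eff_5word_passphrase": entropy_bits(7776, 5),  # EFF long list size
    }


if __name__ == "__main__":
    print("Password1! passes legacy policy:", passes_legacy_policy("Password1!"))
    pp = make_passphrase(SAMPLE_WORDLIST)
    print("passphrase", pp, "passes legacy policy:", passes_legacy_policy(pp))
    for name, bits in compare_policies().items():
        print(f"{name}: {bits:.1f} bits")
```

The irony the code makes visible: Password1! sails through the legacy rule, while a five-word random passphrase with more entropy than any eight-character string fails it for lacking a digit. If your policy engine says the second one is the weaker credential, the policy is the thing that needs fixing.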

MFA is no longer optional!

Instead of password gymnastics, these MTD approaches focus on identifying unusual behavior.

Now, of course, a lot of people will disagree, but hey, I learned to program on CLI interfaces and experience far outweighs theory.

When Firewalls, Servers and Routers Remain Relevant

Given the rise of the cloud and global mobility, some old-school solutions can look like a rusted-out typewriter for cybersecurity. Do not be mistaken: the first (and many times the last) line of actual defense is still your firewalls, servers, and routers.

Let me put it like this:

  • Firewalls are gatekeepers, and that includes east-west traffic inside your network, which brings us back to micro-segmentation
  • The rest of your ops stuff lives on servers. Harden them. Patch them. Monitor them relentlessly.
  • Routers are the traffic cops that guide data through, barricading off suspicious detours

Ignore them at your own risk.

The bigger mistake I see? Enterprises sprinting to apply AI fairy dust without first closing these basic gaps. AI can be a wonderful co-pilot, but it is not yet the driver.

Parting Thoughts

The reality is, cybersecurity today isn’t simply a tech issue; it’s a business imperative that calls for some moderation, yes, and even paranoia. From the days of PSTN multiplexers, when a dropped call was a nightmare, through Slammer demonstrating just how quickly pandemonium can spread, to zero-trust models that make you rethink what exactly is being trusted, it has been quite the journey.

It was wonderful to work with clients who understand that security is not a product but an ongoing process (much like preparing a good curry: all the ingredients matter and taking shortcuts almost never ends well).

Solidify your fundamentals, show some respect for hardware, reconsider password policies, and do not believe in the hype unless it is proven. That’s my mantra.

Now—time for coffee number four. Happy coding, and keep those firewalls up!

— Sanjay Seth, MD P J Networks Pvt Ltd
