From 3 Cups of Coffee to Cybersecurity Insights: My Journey from the 90s to Today

3 cups of coffee in and not tired enough to write this – here’s a piece of my journey and some real shit I’ve seen with this cybersecurity thing from the early 90s to today. I’ve been at this since before cybersecurity became a buzzword, back when I was running network cables and multiplexers passing voice and data over POTS (Plain Old Telephony System). Yes, that’s well before most of you knew what ‘packet switching’ meant. But enough nostalgia (though I do love it) — let me offer up a few experiences and some insights that I hope will save you from repeating my mistakes.

From Network Admin to Cybersecurity Consultant: The Journey So Far

I began in 1993 as a network admin. At the time, security meant locking down physical frames more than defending against the ceaseless waves of digital assaults that seem inescapable today. Remember the Slammer worm of 2003? Yeah, that was archenemy territory. I fought it, and I sat on the front lines watching some small bit of evil cause a full system crash on one of the biggest banking systems in the world. The lesson? Believe it or not, patch management is not just IT jargon – it is life or death for your network.

I now run P J Networks Pvt Ltd, where we take care of everything from firewall implementation to protecting server farms. More recently, we assisted three banks in transitioning to zero-trust architecture, which – by the way – is not just another buzzword everyone pretends to get. It is a security model where you trust absolutely nothing by default, on the Internet or on your own network, and always verify it yourself.

And while we’re on the topic of increasing security, I just returned from DefCon, drooling over the hardware hacking village (it was insanely cool). If you thought that cybersecurity was all software and firewalls — not so fast. Real protection means knowing what’s going on behind the scenes, down at the nuts and bolts and silicon chips.

Quick Take: What You Need to Know Right Now

  • Patch early, patch often. Slammer taught me that the hard way.
  • Zero-trust is not only theory, it’s a necessity in today’s world.
  • Hardware hacking is a growing vector of attack.
  • Password policies? If you don’t think them through, they can even make things worse.
  • Watch out for any so-called AI-powered technology; hype is not security.

Insights from the Trenches: Slammer Worm and More

Let me take you back to 2003. The Slammer worm was like the annoying pop song you couldn’t get out of your head — except it hijacked your SQL servers and dragged down ATM networks. Banks? A nightmare. This event compelled many companies (and my clients at the time) to rethink security and move from reactive patching to proactive defense.

The painfully obvious — patch management and getting ready — were weak links the size of the Holland Tunnel. I failed back then; I had missed a crucial patch that temporarily messed up the voice mux lines. Won’t do that again (traumatized me for life).

What’s truly hilarious (in a jarring sort of way): there are still those who believe that patching software breaks it too often for updates to be trusted. Seriously? You can do it differently, I guess, but this is 2024 – if you won’t update because downtime scares you (and that’s the problem with scripts that you use because you must), I need you rethinking your whole life, lady.

Zero-Trust Architecture: Real Bank Upgrades

So forget the buzzwords for a moment — zero-trust is a mind-set, a fundamental shift that is annoying to implement but well worth it. For three of our banks, we literally pulled out the traditional perimeter-based controls and replaced them with micro-segmentation, continual authentication, and rule-based access.

Stuff we made (I’m not just talking jargon here – I mean stuff):

  • Demanded multi-factor authentication everywhere. No exceptions.
  • Implemented network segmentation to restrict lateral movement.
  • Implemented continuous endpoint monitoring to alert on anomalies immediately.
  • Automated lifecycle management of identity to minimize stale credentials.

And get this: most banks had a hybrid model that languished in the middle, thinking they ‘kind of’ did zero-trust. Guess what? Half-measures don’t cut it. You’re either all in, or you’re just tripping through compliance.
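How the four measures listed above combine into one default-deny access decision, as an added example that is not part of the original post or any P J Networks tooling. The segment names, ports and time limits are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Tuple

# Constructed values for illustration only; none come from the post.
MAX_AUTH_AGE = timedelta(minutes=15)  # continual authentication window
MAX_IDLE = timedelta(days=30)         # identity counts as stale after this

# Micro-segmentation: explicit (source, destination, port) allow rules.
# Anything not listed is denied, even inside the "internal" network.
SEGMENT_RULES = {
    ("teller-workstations", "core-banking-app", 443),
    ("core-banking-app", "core-banking-db", 5432),
}

@dataclass
class Request:
    user: str
    mfa_passed: bool
    authenticated_at: datetime  # when this session last proved identity
    last_activity: datetime     # last use of the identity before this session
    device_healthy: bool        # verdict from endpoint monitoring
    src_segment: str
    dst_segment: str
    port: int

def decide(req: Request, now: datetime) -> Tuple[bool, str]:
    """Default deny: every check must pass on every request."""
    if not req.mfa_passed:
        return False, "mfa-required"
    if now - req.authenticated_at > MAX_AUTH_AGE:
        return False, "reauthenticate"
    if now - req.last_activity > MAX_IDLE:
        return False, "stale-identity"
    if not req.device_healthy:
        return False, "endpoint-anomaly"
    if (req.src_segment, req.dst_segment, req.port) not in SEGMENT_RULES:
        return False, "no-segment-rule"
    return True, "allow"
```

A teller workstation reaching the database directly is refused with `no-segment-rule` even when every identity check passes, which is the lateral-movement restriction; a "hybrid" setup that skips any one of these checks no longer has that property.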

My biggest rant? Technology we all f_cked up but won’t admit it (design it right the 1st time), part 2: passwords, safeguards vs usability. Must read: password complexity without usability is a productivity killer.

Password Policies: My Take (Sit down for this one)

Here’s the thing — unnecessarily complex and rigid password policies have made things dicier, not more secure:

  • Passwords are written on sticky notes (and often stuck to monitors)
  • Users reuse them across platforms
  • Users lose them, and cause resets which clog up the helpdesks

My advice? Focus instead on password managers and multi-factor. Just keep on educating users instead of trying to trick them with stupid rules.

I’m even leery when any security solution starts telling you about AI-enabled password analyzers or “smart” complexity checkers. Because the more we automate things, the more we lose what is distinctly human — and hackers thrive on that.

DefCon and The Crackling of Hardware Hacking

I’m fresh from DefCon’s hardware hacking village. These people are paid to physically tear apart devices you’d never give a second thought to — printers, IoT gizmos, even the “smart” locks on the doors of corporate offices. Oh, and these devices are gateways.

The middleware: your firewall and software patches count. But hardware? The physical layer — always an afterthought — can blow everything to hell.

Here’s more of what I’m telling clients:

  • Add hardware auditing to your security review list.
  • Employ tamper-evident seals and inventory tracking.
  • Train staff against connecting random devices to the network.

No fancy buzzwords here. Just old-fashioned common sense with a sprinkle of paranoia.

Routers, Servers, Firewalls: The Core That Never Sleeps

At my firm, where zero-trust and fancy new tech are all the rage, I’ve kept saying to clients that it always begins with the fundamentals:

  • Keep your firewalls safe with the latest firmware and polished rulesets.
  • Secure your servers by turning off unnecessary services, and enforcing restrictive access.
  • Routinely audit and optimize router settings.

This might seem like yesterday’s news, but the volume of breaches caused by misconfigured routers or firewalls is staggering. If this seems like the sort of thing you should already be thinking about, you’d be surprised at just how many of the highest-profile breaches are caused by a failure to cover the basics.

Final Thoughts: Cybersecurity Is a Road, Not a Destination

Man, we’ve come a long way since I used to crank network cabling and tune multiplexers. But the fundamentals haven’t changed:

It helps to think of security in terms of layers — everything needs to be integrated or we have a leaky boat.

And patching? Mandatory.

Zero-trust? The future.

Password policies? Should be smart and user-centric.

Hardware? Don’t ignore it.

AI and hype? Stay on your toes and your cynicism robust.

So, if you are still reading this, congrats. And go ahead, make yourself a cup of coffee (or whatever you prefer). Because cybersecurity, even with all the buzzwords, complicated tech and panicky headlines, comes down to knowing your environment and remaining vigilant — and ready to adapt.

As with taking a classic car onto a contemporary freeway — stay vigilant, keep the engine healthy, obey the traffic laws.

Stay safe out there.

— Sanjay Seth
P J Networks Pvt Ltd
