It’s 6:30 a.m., I’m at my desk, third cup of coffee starting to kick in — just back from DefCon, still jazzed about the hardware hacking village — and I was like, why not scribble down some of the hard lessons I’ve learned along the cybersecurity pathway. This is not going to be your standard fluff blogging. Nope. I’m about to take you behind the scenes—with honesty and humor and a little bit of embarrassment and maybe a rant or two (because, you know, that’s how I roll).
So I was a network admin starting in 1993. Yeah, I was elbows deep in configuring mux gear for voice and data over PSTN lines, long before anyone was talking seriously about security. If you’ve experienced it, you grok it — those were the days of denial of service being what happens when somebody pulls a plug. But those years planted the seed that grew in me.
Fast-forward to 2003: I fought on the front lines of the Slammer worm infection. In case you’ve forgotten, Slammer was a wake-up call to everyone, no one was immune, and the world discovered that network security wasn’t just about spam emails. It is about seeing every packet that flies across your wires. I can still recall the desperate scramble to contain that worm as infrastructure ground to a halt.
Today, I am the founder/operator at P J Networks Pvt Ltd, where I help solve technical problems, including but not limited to cybersecurity solutions, managed NOC, firewalls, servers and routers. I recently assisted three banks with the upgrade of their zero-trust architectures. And let me tell you, zero trust is not just a snazzy sound bite — it’s the game changer we’ve been waiting for.
Here’s the thing with zero trust: For years, businesses operated under the unspoken assumption — If you’re inside the perimeter, you must be trusted. That’s like leaving your car keys with the valet and hoping they’ll never take it for a spin. Dangerous. With insider threats, supply chain compromises and remote work turning the network perimeter into a myth, trust by default is a risk.
For those bank projects I mentioned, the move to zero trust equaled:
And yes, it’s intricate and often costly to implement. But the alternative — being blindsided by a breach — is worse.
DefCon this year? Mind-blowing stuff. The hardware hacking village is particularly special. The sight of hackers popping open a gadget you imagine to be impregnable, thanks to some obscure physical interface you overlooked, is a good reminder that cybersecurity isn’t all about software patches or firewalls.
As recently as last month, a client who is a person of his word rang me in distress when a seemingly innocuous USB device went on to tear their network apart. It was, as it turns out, a hardware implant communicating with an unidentified server. You can patch all the software you like, but if the physical layer is broken, every lock is a lullaby.
So this is why I’m suspicious when I hear vendors toss around the phrase “AI-powered security” like they’re throwing candy at Halloween. AI can aid — sure — but if someone’s got physical access or a clever hardware hack, ain’t no fancy algorithm going to be able to save you.
If you paid me a rupee for every brain-dead password policy…
Here’s the deal with passwords:
In the early 2000s, the policies were draconian — eight characters, mix upper and lower, digits, symbols — take your pick. What did that accomplish? Well, everyone found it frustrating and it still didn’t prevent breaches.
And yet, organizations continue to rely on antiquated models. Here’s my hot take:
Forget forcing complexity. Just focus on length and how easy it sounds. Use passphrases instead.
Think of passwords like recipes:
And add to that two-factor authentication — well, you’re kind of scrapping.
Installing firewalls and routers isn’t just about plugging in boxes and walking away. I inherited a client’s network where the firewalls had been configured by a guru who left 3 years ago. Many of the rules appeared twice, some were just plain dangerous (wide open to the world for no good reason), and none were unused vendor defaults. Guess what happened? An explosion of ransomware that should not have happened.
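To make that kind of inherited rule base reviewable, here is an added example (not code from this post or from any vendor) that audits a constructed, vendor-neutral rule list for world-open allows, exact duplicates, and rules that can never match because an earlier rule already covers them. It assumes first-match evaluation; the `Rule` shape, the sample rules and the `public_dsts` allowlist of intentionally published services are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

net = ipaddress.ip_network

@dataclass(frozen=True)
class Rule:
    # Hypothetical vendor-neutral shape; a real export needs its own parser.
    name: str
    action: str  # "allow" or "deny"
    src: str     # CIDR
    dst: str     # CIDR
    port: str    # "any" or a single port number

# Constructed sample rule base, evaluated top-down (first match wins).
RULES = [
    Rule("web-in",      "allow", "0.0.0.0/0",   "203.0.113.10/32", "443"),
    Rule("rdp-legacy",  "allow", "0.0.0.0/0",   "10.0.5.0/24",     "3389"),
    Rule("db-app",      "allow", "10.0.2.0/24", "10.0.9.20/32",    "5432"),
    Rule("db-app-copy", "allow", "10.0.2.0/24", "10.0.9.20/32",    "5432"),
    Rule("temp-any",    "allow", "0.0.0.0/0",   "0.0.0.0/0",       "any"),
    Rule("db-one-host", "allow", "10.0.2.7/32", "10.0.9.20/32",    "5432"),
]

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by b is already matched by a."""
    return (net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and a.port in ("any", b.port))

def audit(rules, public_dsts=("203.0.113.0/24",)):
    """Return (rule name, finding) pairs in rule order."""
    findings = []
    for i, r in enumerate(rules):
        # World-open: any source allowed to something not deliberately published.
        published = any(net(r.dst).subnet_of(net(p)) for p in public_dsts)
        if r.action == "allow" and net(r.src).prefixlen == 0 and not published:
            findings.append((r.name, "world-open"))
        # Duplicate or shadowed: an earlier rule matches everything this one does.
        for earlier in rules[:i]:
            if covers(earlier, r):
                same = (earlier.action, earlier.src, earlier.dst, earlier.port) == \
                       (r.action, r.src, r.dst, r.port)
                kind = "duplicate of" if same else "shadowed by"
                findings.append((r.name, f"{kind} {earlier.name}"))
                break
    return findings

if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
```
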
Some fast firewall lessons from real life:
Routers? That’s another can of worms. Years ago, when I first worked with routing protocols on Cisco gear, OSPF felt mysterious. Now it’s just second nature, and yet I still come across networks where the routing is a total mess. And for tangled paths, think delays, outages and security gaps. Always subnet your internal networks when it is feasible.
Security is like cooking a great biryani: It requires patience and the right mix of ingredients. Hey, miss one sprinkle of spice and the whole dish is ruined. Same goes for cybersecurity. You need the right tooling — firewalls, secure routers, sensible password policies — and a mentality that doesn’t trust anyone (yes, even (parts of) your own team at times).
I’m still learning every day. I’ve made mistakes — my clients have, too. But if history has taught me anything, it’s that there is no substitute for adaptability and real understanding, and these always trump buzzwords and sales pitches.
So, yeah. Keep your coffee flowing. Keep your networks segmented. And remember — security is not just technology; it’s how you think.
Ok, on to my fourth cup of coffee.