
My Journey in Cybersecurity and Network Management: 1993 to 2024

It’s 2024 and I’m sittin’ here at my desk, third cup of coffee in my hands, thinking about a journey that started back in 1993 when I was a network admin. It was a different era for network management back then. We were using bloated multiplexers for voice and data on PSTN, just trying to keep the thing running without attracting too much attention. So, here I am now, thirty years later, running my own cybersecurity consultancy, P J Networks Pvt Ltd, and helping businesses and banks improve their defenses against this ever-evolving threat.

Cybersecurity Expert Sanjay at PJ Networks Pvt Ltd

The Reality of Cybersecurity Today

Here’s the deal — cybersecurity is no longer about fancy tech or shiny buzzwords. I just returned from DefCon, and the hardware hacking village there takes the cake, with clever people demonstrating how physical access, or a funny USB thing, can utterly defeat the most sophisticated firewalls and AI-powered systems. And yes, I continue to be somewhat skeptical of all the latest AI-powered security magic claims (more on this in a minute).

From Networks to Worms

When I first stepped out into the big, bad world at the end of the 20th century, I made a lot of rookie mistakes when I got my hands on the Slammer worm for real. It was 2003, and the worm spread so quickly that entire networks went dark in moments. No one saw it coming. We were still trying to patch SQL servers, let alone react in time. I learned two things then that no book or webinar ever could have taught me:

  • It is unacceptable for security to ever be an afterthought.
  • Single vulnerability, massive fallout.

From the wired-wireless days and PSTN mux gear, I now work with organizations to layer defenses — from firewalls to managed NOCs — that detect and respond to threats before they cause damage.

Getting Real with Zero Trust

Which brings me to evolving strategies: Recently I’ve been helping three banks modernize their zero-trust architectures. This wasn’t a mere checkbox — it was remaking their security posture from the dirt on up. Zero trust is not a pet project, it’s not a marketing slogan, it’s the idea that you never trust by default.

But here’s my hot take: a lot of companies treat zero trust like, “oh, that’s a fancy firewall,” or like an identity provider thing. Nope. It’s a complete strategy requiring validation, encryption, micro-segmentation and — most importantly — a culture shift.

Some quick nuggets from those efforts:

  • #1 See all the things – Asset inventory and visibility has to be 100% right or zero trust breaks.
  • Micro-segmentation is not just a technical feature—it is organizational policy enforcement.
  • User behavior analytics can help you detect anomalies — but don’t just depend on automated alerts.

Password Policies — A Rant (Yes, It Is Coming)

Everyone’s obsessed with password complexity. Mix upper, lower, digits, symbols, yadda yadda. Here’s the thing: that formula is a massively out-of-date method that infuriates users and even tends to make security worse. Why? Because complex passwords lead to predictable coping mechanisms:

  • Writing them out on a sticky note.
  • Reusing them with mild differences between individual sites.

Here’s a better recipe:

  • Encourage long passphrases. Consider: I 3 ~@#$%&* my car instead of P@ssw0rd!
  • Use MFA (multi-factor authentication) — that’s where the game changer is.
  • Teach users about phishing; don’t rely solely on forcing a certain level of complexity in a password.

Password policies should be built more like your grandma’s pot of slow-cooked stew — basic ingredients, the same system, and it works every time.
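To make the complexity-versus-length argument concrete, here is an added example (not code from the author or PJ Networks) that runs the same passwords through an old-style composition rule and a length-first rule. The function names, the four-word denylist, the 16-character minimum and the sample passphrase are all assumptions made for illustration.

```python
import re

# Constructed mini denylist (assumption); a real deployment would check
# against a large breached-password corpus instead of four words.
COMMON = {"password", "welcome", "letmein", "qwerty"}

# Substitutions users typically apply just to satisfy complexity rules.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s", "7": "t"})

def legacy_policy(pw: str) -> bool:
    """Old-style rule: 8+ chars with upper, lower, digit and symbol."""
    return (len(pw) >= 8
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"\d", pw) is not None
            and re.search(r"[^A-Za-z0-9]", pw) is not None)

def normalize(pw: str) -> str:
    """Lowercase, drop trailing digit/symbol padding, undo leetspeak."""
    core = re.sub(r"[^a-z]+$", "", pw.lower())
    return core.translate(LEET)

def length_first_policy(pw: str, min_len: int = 16) -> tuple[bool, str]:
    """Length-first rule: no composition demands, but reject disguised
    common passwords and trivially repetitive strings."""
    if normalize(pw) in COMMON:
        return False, "variant of a common password"
    if len(pw) < min_len:
        return False, f"shorter than {min_len} characters"
    if len(set(pw)) < 5:
        return False, "too few distinct characters"
    return True, "ok"

def compare(pw: str) -> dict:
    """Run both policies on one candidate password."""
    ok, reason = length_first_policy(pw)
    return {"legacy": legacy_policy(pw), "length_first": ok, "reason": reason}

if __name__ == "__main__":
    # Constructed samples: the page's "P@ssw0rd!" and a made-up passphrase.
    for candidate in ["P@ssw0rd!", "slow cooked stew every time",
                      "aaaaaaaaaaaaaaaaaaaa"]:
        print(f"{candidate!r}: {compare(candidate)}")
```

The composition rule accepts P@ssw0rd! and rejects the long passphrase, while the length-first rule does the opposite. MFA still has to sit on top of either policy.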

The Hardware Hacking Reality Check

DefCon’s hardware hacking village really drove that point home. You can have a network with no leaks — but if an attacker sticks something malicious into your USB port, or rigs your endpoint hardware, encryption and firewalls don’t help you.

But people in the security community can still have a misplaced sense of physical security layers. This is where I part ways with the crowd:

  • If your physical security isn’t good enough, digital security won’t ease the issue that much.
  • Lock down unattended workstations.
  • Vet USB and peripherals with tight controls.
  • Enforce the same level of governance on endpoint hardware as software.

I suspect more companies should be investing in hardware security modules and tamper resistant devices, not just the next latest software patch.

Managed NOC & Network Infrastructure: The Unheralded Heroes

When all the kids are excited about this new firewall or that new type of cloud config, I go lily-livered for network operations centers and routers/servers 🙂 Here’s why:

  • Networks are the nervous systems of orgs.
  • Good surveillance detects anomalies and blips early.
  • Preventative maintenance prevents disasters. Maintenance, whether frequent or occasional, helps prevent unexpected and devastating failures.

Far too often, companies don’t listen to their NOC because it’s so dull. But in my anecdotal experience, it’s the difference between it being a minor blip and a major, category 5 breach.

Believe me, your routers, firewalls and servers are your front line of defense and your last line of defense. Neglect them at your peril.

Quick Take: What You Need to Remember From Today

  • Cybersecurity is an endurance race not a sprint. Build layers of defense.
  • Zero Trust is not a plug-and-play; it’s a philosophy.
  • Passwords? Passphrases plus MFA win. Complexity alone fails.
  • Physical security matters. Don’t overlook hardware threats.
  • Keep your network infrastructure up to date. It’s more critical than ever.

Mistakes This Week that Taught Us Something and Moving Forward

I’ll be the first to confess: Over the years, I’ve made my share of mistakes — such as underestimating insider threats or leaning too heavily on automated scanning tools. But each mistake was a lesson that formed how I view security today. And I bring that perspective to every client engagement because we’re all worse off when we pretend to know it all.

And you know what? That’s what keeps me going. Cybersecurity is ugly and often annoying, but it is unavoidable. It’s like driving one of those old cars — you never drive it perfectly, but if you know what you are doing and you do drive carefully, you get to where you are going and nobody gets hurt.

So if you need help that’s not one-size-fits-all, but actually worn in, I’m here. For behind every firewall and NOC at PJ Networks Pvt Ltd, there is an entire generation of knowledge, experience, and a mission to protect your business around the clock.

Until next coffee,

– Sanjay
