From Network Admin to Cybersecurity Consultant: Lessons Learned Over Decades

Hey folks, Sanjay Seth here—coming to you with the slightly jittery energy of three coffees and a mind still buzzing from the recent DefCon (that hardware hacking village was just, wow!). But let’s dive into something I’ve been mulling over with a dose of nostalgia and urgency: cybersecurity.

The Early Days

I cut my teeth in the world of IT way back in 1993 as a network admin. Remember those days when everything was over PSTN and we thought multiplexers were the pinnacle of tech? Simpler times—but also a bit of a Wild West when it came to cybersecurity. Then, of course, came the Slammer worm in 2003. If you were around back then, you know that was more like a slam to every IT professional’s face.

Fast forward to today, I run my own company—P J Networks Pvt Ltd—where we’re at the cutting edge of security solutions, helping even banks transition to a zero-trust architecture. Yes, banks! And let me tell you, each experience keeps taking me back to those foundational days where I learned what not to do.

Quick Take

• Network Security has evolved—vastly! Remember your basics.
• Zero-trust isn’t just a buzzword. It’s a necessity, especially today.
• Hardware hacking is making a comeback—stay informed.

Case Study: Banks and Zero-Trust Architecture

Recently, I worked with three major banks on upgrading their security to a zero-trust model. Here’s the thing—these were institutions still partially relying on perimeter defenses (a big no-no today). It’s like trying to defend a medieval castle with just its moat while ignoring archers—risky strategy if you ask me. Zero-trust, instead, assumes that threats can be from inside or outside, treating every user and application as untrusted until verified.

• First step? Mapping Data Flow. Know what data you have and how it traverses.
• Implement micro-segmentation. Don’t just partition networks; control lateral movement.
• Continuous verification. No one-time authentication. Keep checking—and rechecking.

Whether you’re running a bank or a small firm—consider this architecture. Because threats won’t wait for your next board meeting to strike.

DefCon Buzz and Remote Vulnerabilities

Having just returned from DefCon, I can’t stress enough how enlightening it was to deep-dive into hardware hacking. We’re in an era where IoT (Internet of Things) devices have entered the workforce—bringing vulnerabilities right to our digital doorstep.

Imagine your digital infrastructure as a front yard. These IoT devices? They’re like those cute gnomes. Harmless, right? But without security, they might just invite the wrong kind of guests. Remote vulnerabilities are on the rise, and as much as I love tech evolution, it’s these gaping security holes that keep me up at night (sometimes literally).

• Audit and monitor every device in your network.
• Limit device access to necessary services only (overkill is your friend).
• Regular firmware updates—don’t ignore these, ever!

Password Policies: My Unpopular Opinion

Okay, a little rant here—password policies suck. I mean, let’s be real. Forcing users to change passwords every month? That’s just admin busywork disguised as security effort. Here’s a more effective approach:

• Encourage strong, unique passwords.
• Promote password managers—seriously, they’re lifesavers.
• Multi-Factor Authentication (MFA) isn’t optional, peeps. It’s mandatory!

Cars, Cooking, and Cybersecurity

I often compare cybersecurity to maintaining a car. You wouldn’t drive your vehicle without regular oil changes, would you? Similarly, your network requires routine check-ups and tweaks. Is your firewall configured properly? Are your routers and servers up-to-date? Just like a well-tuned car engine—or a perfectly cooked dish—cybersecurity requires patience, consistency, and attention to detail.

And here’s an opinion that might ruffle some feathers—I’m skeptical of AI-powered solutions. Yes, they offer automation and efficiency, but blindly trusting machines to handle all security? Recipe for disaster. Blend AI with human oversight for best results. Always.

Closing Thoughts

So there you have it. A mix of nostalgia, caffeine-driven thoughts, and hard-learned lessons from Sanjay Seth. Whether you’re an IT veteran like me (still can’t believe it’s been three decades!) or a newcomer to the field, remember: cybersecurity isn’t a destination. It’s a journey. One filled with ever-evolving threats but also incredible opportunities for innovation and growth.

And for those just tuning in, don’t wait for a cyber slammer to nudge you awake. Stay proactive, stay informed, and always challenge the status quo. Until next time, keep your networks secure and your coffee cup full!