My Cybersecurity Journey: From PSTN to Zero Trust and Beyond

I’m the founder of P J Networks Pvt Ltd. My third coffee down I start pondering as to where this entire cybersecurity journey began; and that was way back in ’93 I recall. A network admin at the time struggling with the issues of voice/data multiplexing over PSTN — that archaic beast we have long since forgotten about. But those early days? They taught me all I needed to know about just how illusory security actually is.

Today, as the head of my own security shop, I am still carried to school daily by fast-evolving threats — but this much I know: fundamentals matter. Oh, and if you believe a shiny AI-driven solution will somehow solve the holes in your network? Well, I’m skeptical—very skeptical.

A Little Background — Why This Is Still Relevant

I have lived long enough to have witnessed the Slammer worm. Yeah, that firecracker exploded in the internet like a wrecking ball — you know, disruptin’ banks, governments, even airports. It was a rude awakening. Patch management was not exactly top of the list for I.T. staff at the time. Now? It should be your religion.

Fast forward to today — of late, I’ve assisted three banks upgrade their zero-trust architectures. I’ll tell you this much: zero trust is not some buzzword. It’s a philosophy. A pain in the neck at times, but better a headache than a breach.

Zero Trust — No, It Isn’t Just a Buzzword

Simple: Never trust, always verify. You chunk your tech landscape into microsegments. Nothing is trusted, no user, device, or request is inherently given access. No exceptions — and no slack for trusted internal networks anymore (a thing, once upon a time).

Here’s what I hammered those banks on:

• Multi-factor authentication. Always.
• Microsegmentation of critical assets.
• Behavioral analysis with live monitoring (not just collected logs gathering dust).
• Enforce strict posture checks on device before allowing access.

The good news? Banks are finally waking up. The bad news? Most companies regard zero trust the way most people used to view lifestyle changes — as something to do when you have the extra time and resources, not as a matter of life and death.

DefCon Vibes: Hardware Hacking and How You’re All Going to Die

So returned from DefCon last night — man, the hardware hacking village was awesome. They demonstrated how attackers contort the physical stuff in your network — routers, firewalls and IoT devices — to their will. If you believe a firewall’s what’s sitting between you and those nasty people in cyberspace, think again.

Let’s give a simple analogy: the firewall is the lock at your home’s front door. But if someone can pick the lock, sneak in through the basement window or even open the garage door at a distance? That door won’t matter much.

I have had clients spend big bucks on the newest and best firewall tech, only to figure out that hardware vulnerabilities were still their Achilles’ heel. So, don’t dismiss physical and firmware security. Check, update and on occasion replace hardware before it lets you down.

The Password Policies—My Not So Secret Rage

Okay—rant incoming. Password policies that require users to change passwords every 30 days? That would be like telling someone to change the oil in their car every week. Pointless and annoying. Users create Password1!, Password2! and so on. Does that stop breach attempts? Nope.

Here’s what I recommend:

• Promote passphrases over passwords (long, memorable, unique).
• Use multi-factor everything.
• Teach users why strong passwords matter, instead of just policing them.

Security is better, and users are not as likely to be pulling their hair out.

A Journey in Security from PSTN to Cloud

Remember when people used to get worked up about multiplexing voice and data over PSTN? Those days were… simpler. But the stakes were not as high. Today, the cloud, SaaS, hybrid infrastructure — they all add complexity, which means opportunities for attackers.

This is my philosophy at P J Networks: never trust the cloud simply because it is fashionable.

• Audit and control your cloud access.
• Apply those same zero-trust principles, but in a tailored manner.
• Lock down your APIs — they are the new attack surface.

Quick Take If You’re in a Rush

• Zero Trust is no longer a nice to have. Implement it stepwise.
• Don’t overlook hardware security — your firewall isn’t bulletproof.
• Password policies User’s strength, not frustration!
• I was saved by patching in Slammer — and it saves you, too, today.
• Don’t believe the hype about AI-powered security. Sometimes it’s just marketing buzzwords.

Final Thoughts Before I Have My Fourth Coffee

Here’s the thing: Cybersecurity isn’t a checkbox or something you can buy off a shelf. It’s a practice — a practice that requires eternal vigilance and continual learning. From my youth playing around with ambient PSTN multiplexers, to battling worms like Slammer, to aiding banks in their adoption of zero trust — it’s a journey.

Mistakes? Plenty. I have even misjudged a firmware vulnerability in a customer’s router. It cost them a breach. I learned the hard way: always think outside the software.

But let’s be honest: That’s the fun part, isn’t it? The puzzle never stops. And if you’re up for the challenge — and care about keeping your business safe — you’ve come to the right spot.

And finally — and if you think your security is good enough because you have a firewall think again. Because hackers never rest, and neither should your defenses.

Cheers,

Sanjay Seth
Cybersecurity Consultant
P J Networks Pvt Ltd