Cybersecurity Insights from 30 Years in the Trenches
There is something almost magical about the smell of freshly brewed coffee and a corner office, oh so quiet, allowing you time to think. Three cups in, and I find myself writing about one of the most familiar yet ever-changing topics: cybersecurity.
Funny how quickly things can happen. I began as a network admin in ’93, playing with routers and multiplexers for voice and data over PSTN lines, yep, those dinosaur days when the internet was just getting started. Fast forward: I run my own security outfit, and here I am, still learning.
But here’s the thing. It really is experience that forms a view. And possibly some ol’ worm named Slammer melting down your network first-hand. That was in 2003, and if you are lucky enough not to have heard of Slammer: it is that nightmare guest who reminds you that you have no idea whether the rest of your systems are just as easy to break.
Okay. But before I get too nostalgic, let’s focus on what matters today: zero-trust. I have recently returned from supporting three of the largest banking organisations in their shift to zero-trust architectures (an absolute monster effort, but so worth it). And today, that is exactly what I am going to write about: some actual lessons from the trenches and, as always, a sprinkle of my rants and analogies.
Zero-Trust: Not Just a Buzzword
I’ve witnessed every silver-bullet solution come and go since the early 2000s. The good news about zero-trust is that it’s not a buzzword — it works. The main idea? Nothing and nobody is trusted by default, not even your own NXS Team. You question every access request as if it were attempting to burgle your data, and often it is.
Surprise, surprise, here is what else caught me off guard on these bank projects:
- Zero-trust is not only tech; it is more a mental repositioning than a plugin.
- Legacy systems continue to be the number one plague. You cannot just forklift and replace them overnight.
- User behaviour analytics matter, not just your fancy firewall logs.
Yes, the firewalls still rule the roost, but think of them as the bouncer at a club, checking ID and keeping the undesirables out. Take that muscle away, and your entire zero-trust castle crumbles like a house of cards.
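To make the "question every access request" idea concrete, here is an added example (my illustration, not code from the author's bank projects) of a per-request policy decision in Python. The role table, user directory and the network labels are constructed assumptions; the point it demonstrates is that a request from the office LAN that skipped MFA is denied exactly like one from the internet, and that the role check enforces least privilege on top of identity and device posture.

```python
from dataclasses import dataclass

# Constructed least-privilege role table (assumption for this example):
# role -> {resource: set of allowed actions}
ROLE_PERMISSIONS = {
    "teller": {"accounts": {"read"}},
    "ops": {"accounts": {"read"}, "core-db": {"read", "write"}},
}
# Constructed identity directory (assumption): user -> role
USER_ROLES = {"alice": "teller", "bob": "ops"}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    resource: str
    action: str
    mfa_verified: bool        # did this session complete a second factor?
    device_compliant: bool    # did the endpoint pass its posture check?
    source_network: str       # "corp", "vpn" or "internet": logged, never used to grant trust


def evaluate(req: AccessRequest) -> tuple[bool, str]:
    """Return (allowed, reason) for one request.

    Every request goes through every check; being on the corporate
    network does not skip any of them, which is the zero-trust point.
    """
    role = USER_ROLES.get(req.user)
    if role is None:
        return False, "unknown identity"
    if not req.mfa_verified:
        return False, "MFA not verified"
    if not req.device_compliant:
        return False, "device posture check failed"
    allowed = ROLE_PERMISSIONS.get(role, {}).get(req.resource, set())
    if req.action not in allowed:
        return False, f"role {role!r} may not {req.action!r} {req.resource!r}"
    return True, "allowed"


def audit_line(req: AccessRequest) -> str:
    """One log line per decision, so denials can be reviewed later."""
    ok, reason = evaluate(req)
    verdict = "ALLOW" if ok else "DENY"
    return (f"{verdict} user={req.user} net={req.source_network} "
            f"{req.action}:{req.resource} ({reason})")


if __name__ == "__main__":
    # A request from the 'trusted' office LAN that skipped MFA is still denied.
    print(audit_line(AccessRequest("alice", "accounts", "read", False, True, "corp")))
    # A fully verified request from the internet is allowed, within its role.
    print(audit_line(AccessRequest("bob", "core-db", "write", True, True, "internet")))
```

The order of the checks matters less than the fact that none of them can be skipped; in a real deployment the MFA and posture flags would come from the identity provider and the endpoint agent rather than the caller.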
Well, I am a Little Cynical on AI-Based Security
So yeah, controversial opinion coming up — I am not confident in the whole AI-powered security solution craze. Don’t get me wrong, machine learning is awesome and useful for making great advances in threat detection, but just slapping AI on a product and raising prices? Meh.
Why? AI models are only as good as the data and training they receive. And guess what? Sometimes they learn bad habits or just miss the obvious stuff because of some bizarre edge case. And you get a black box where you don’t really know what decisions are being made. I am old school like that: give me control and at least visibility of the tools protecting my customers.
DefCon’s Hardware Hacking Village – Still Relevant
I am still buzzing from having recently returned from DefCon, staring at the results of my Hardware Hacking Village efforts. You get a little jaded about software vulnerabilities after almost 30 years in this business. But hardware bugs? Those sting differently.
It’s sort of like catching someone making a key for your car without you knowing, except that instead of only your car, it’s all cars. Catching backdoors in server boards or router chips is unheard of in Australia, however. That’s scary stuff.
What struck me this year:
- Even hardware vendors are having a hard time with supply chain security.
- For enterprise security teams, physical tampering sends goosebumps down your spine… right?
- The innovation coming out of these villages is amazing, but so too is the vast ocean between these discoveries and enterprise adoption.
Lessons from the Slammer Worm, Still Effective Today
When the Slammer worm hit in the early 2000s, I was still patching network gear and picking up the pieces. It was a wake-up call for how little code it took to bring down entire infrastructures.
And what I learned — and what still seems right to me now:
- Patch early. Patch often. But be ready for downtime.
- Intrusion detection systems are not foolproof; human analysts still play the most important role.
- Simplicity helps. The more complicated the network, the more likely vulnerabilities get overlooked, and one overlooked vulnerability can lead to a full system takedown.
Running a network today is like keeping an old car still on the road. While you can put a lot of fancy widgets and turbochargers on it, if you fail to patch it, audit it, or back it up, you are going nowhere quickly.
The Backbone of Security: Firewalls, Servers and Routers
I get this question all the time: with cloud everywhere, do you still need traditional firewalls and on-prem devices? Short answer: absolutely.
I tell clients this:
- Your firewall represents the first and last line of defense. Think of it as a moat around your castle.
- Servers, or rather the services they run: minimal exposure, maximum monitoring.
- Routers? The single most important, but still most often overlooked, part of your network. Lock down the configuration and keep an eye out for firmware updates.
If you forget any one of these you may as well be a chef attempting to prepare fine dining using blunt knives.
Quick debugging tip? The next time there is some freaky traffic, check the router and firewall logs to see whether the unusual activity shows up there before you rush off in a panic.
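What "check the firewall logs" looks like when you script it: the block below is an added example (mine, not the author's tooling) that runs two simple checks over a handful of constructed netfilter-style log lines. One flags an external source whose dropped packets touch many distinct ports (scan shape), the other flags an internal host that the firewall has *accepted* to many distinct destinations on one port, which is the shape a worm like Slammer leaves in an allow log. The log format, the thresholds and every address are assumptions; swap the regex for your own firewall's line format.

```python
import re
from collections import defaultdict

# Constructed sample of firewall log lines (netfilter-style prefixes are an
# assumption; adapt LINE_RE to your own firewall's format).
FW_LOG = """\
Jan 25 00:31:12 fw1 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51234 DPT=22
Jan 25 00:31:13 fw1 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51235 DPT=23
Jan 25 00:31:13 fw1 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51236 DPT=445
Jan 25 00:31:14 fw1 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51237 DPT=3389
Jan 25 00:31:14 fw1 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51238 DPT=8080
Jan 25 00:31:15 fw1 kernel: DROP IN=eth0 SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP SPT=40000 DPT=22
Jan 25 00:32:01 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.23 DST=192.0.2.55 PROTO=TCP SPT=49152 DPT=443
Jan 25 00:32:02 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.23 DST=203.0.113.40 PROTO=UDP SPT=49153 DPT=1434
Jan 25 00:32:02 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.23 DST=203.0.113.41 PROTO=UDP SPT=49153 DPT=1434
Jan 25 00:32:02 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.23 DST=198.51.100.9 PROTO=UDP SPT=49153 DPT=1434
Jan 25 00:32:03 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.23 DST=192.0.2.77 PROTO=UDP SPT=49153 DPT=1434
Jan 25 00:32:10 fw1 kernel: ACCEPT IN=eth1 SRC=10.0.5.24 DST=192.0.2.55 PROTO=TCP SPT=50000 DPT=443
"""

LINE_RE = re.compile(
    r"(?P<action>DROP|ACCEPT) IN=(?P<iface>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)"
)


def parse(lines):
    """Turn matching log lines into dicts; lines in another format are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            ev = m.groupdict()
            ev["dpt"] = int(ev["dpt"])
            events.append(ev)
    return events


def find_port_scans(events, threshold=5):
    """Sources whose DROPped connections touch >= threshold distinct ports (assumed threshold)."""
    ports = defaultdict(set)
    for ev in events:
        if ev["action"] == "DROP":
            ports[ev["src"]].add(ev["dpt"])
    return {src: len(p) for src, p in ports.items() if len(p) >= threshold}


def find_fanout(events, threshold=4):
    """(src, port) pairs ACCEPTed to >= threshold distinct destinations (assumed threshold):
    one internal host talking to many hosts on one port is worth a second look."""
    dests = defaultdict(set)
    for ev in events:
        if ev["action"] == "ACCEPT":
            dests[(ev["src"], ev["dpt"])].add(ev["dst"])
    return {key: len(d) for key, d in dests.items() if len(d) >= threshold}


def triage(log_text):
    """Run both checks over raw log text and return the findings."""
    events = parse(log_text.splitlines())
    return {"scanners": find_port_scans(events), "fanout": find_fanout(events)}


if __name__ == "__main__":
    for kind, hits in triage(FW_LOG).items():
        for key, count in hits.items():
            print(f"{kind}: {key} -> {count}")
```

Neither check proves anything on its own; what they give you is a short list of sources and hosts to look at first, which is exactly the "before you rush off in a panic" step.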
The One Password Policy That Annoys Me The Most
Time for my usual rant. I have yet to see a password policy that is not a complete disaster. So can we, you know, stop making everyone hate their passwords with arbitrary and capricious complexity rules?
Here’s what’ll help:
- Promote longer passphrases instead of mandatory strange symbols.
- Be sure to use multi-factor authentication (MFA). This is a hard yes.
- Train your teams; people are only human and still click phishing emails no matter how many shiny things you buy.
Skipping these, my friends, is a bit like expecting a car to run without gas. You can bolt a turbo on it, but you are just spinning your wheels with an empty tank.
What Will You Do Tomorrow?
- Audit your network devices (firewalls, routers, servers).
- Start or continue your zero-trust initiatives: it is a marathon, not a sprint.
- Ditch bad password rules; use MFA and passphrases instead.
- Don’t blindly trust AI-powered vendors — demand transparency.
- Monitor hardware security, not just software.
Final Thoughts
Despite what you might expect, the cybersecurity landscape has not evolved on as grand a scale as other industries. The stakes are grander, yes, but the basics remain critical. Almost 30 years later, I realise: it’s a lot like making sure an old car gets going every day for work.
And so, I will continue overusing italics, leaving sentences unfinished, hating on passwords and not trusting that Razor Mouse ad. However, most importantly, I will continue to share real insights that have been battle tested and can help keep you ahead.
Which, in the final estimation, is never only about technology. It is about people, processes and a little bit of caffeine.
Sanjay Seth, P J Networks Pvt Ltd
P.S. If you want to nerd out on zero-trust or hardware security, I am always around for a chat. Or I could lecture at you for hours about home gateways and old-school PSTN muxes. You’ve been warned.