From Network Admin to Cybersecurity Consultant – My Path

Began as a network admin in 1993. Ever put in those fat ol’ multiplexers for voice and data over PSTN? That was the day-to-day grind. The internet was still the Wild West — and then Slammer worm outbreak of 2003 happened and I was there for it all. Systems dropping like flies. Hardware choking under the load. It was a mess, but a harsh lesson in how quickly things can turn sour.

Fast forward a couple of decades and I have my own security company now (P J Networks Pvt Ltd). We specialize in getting businesses — banks, in particular — to up their cybergame. Most recently, I assisted three banks in upgrading their foundations of zero-trust architecture. They withstood things at first (because let’s be honest: Change is hard), but by now their connections are tighter than a car engine after a good tune-up.

And I’ve just returned from DefCon — the hardware hacking village is still fresh in my mind. Seriously, some of those people are taking hacking to the next (as in hardware) level. It’s seeing a master chef deconstruct a classic dish and build it all over again with crazy ingredients.

Quick Take What You Should Know About Zero Trust in Modern Cybersecurity

Zero trust isn’t just a term du jour — it’s a new mindset.

• Legacy systems? They are a security disaster waiting to happen.
• Hardware security is surprising — more than even most security professionals would expect.
• Don’t blindly rely on AI-powered security products. I’m skeptical for good reasons.
• Password policies? This is how most businesses shoot themselves in the foot.

The Rant You Didn’t Know You Needed Password Policies

OK — let’s get this out of the way. Password policies are a mess. Most companies require users to change passwords every 30 days. Everybody who’s been around the block knows this only leads to:

• Users scribbling down passwords on sticky notes
• Passwords becoming less secure as they simply increment numbers
• Disgruntled employees finding workarounds (like Password1 on repeat)

Here’s the thing — password rotation as a panacea is dead. Focus on complexity and, better yet, on multi-factor authentication (MFA). It would be like wearing a seatbelt and stepping on the brakes in your car. Brakes are helpful, sure, but strive to be the seatbelt.

The Zero-Trust Quest Lessons From Banks

If anything, helping banks redesign their zero-trust systems was an awakening. Banks sit atop some of the most sensitive data, so their security cannot have any weak links. Here are some of the things I took away from this recent project:

• Trust nothing, verify everything. That, in turn, means no implicit trust — even things inside the network are monitored all the time.
• Strong segmentation is key. The classic flat network? It’s akin to leaving your car with an unlocked door in a sketchy neighborhood.
• MFA/identity management were huge, not a “nice to have” thing.
• Legacy apps and systems can inherently oppose zero-trust policies and necessary workarounds.

These upgrades aren’t a one-and-done. It’s like regular oil changes and tire checks and carburetor adjustment, a perpetual renewable process.

What the Hardware Hacking Village at DefCon Means to Me

If you believe that cybersecurity is all about software and firewalls, you are only halfway there.

Hardware hacking uncovers vulnerabilities and exploits you don’t see in conventional penetration testing. For example:

• Chip-level backdoors
• Firmware attacks that antivirus doesn’t detect
• Physical modification that interferes with device integrity

Witnessing these helped me remember unsolicitedly that we at PJ Networks always make sure that we have security options on the hardware level (particularly with servers, firewalls and routers). But these are not merely boxes — they are the engines that keep your digital car purring.

My Skepticism Regarding AI Security Solutions

AI is all the rage right now, but I’m dubious. It feels like the difference between cruise control and self-driving cars. You can use cruise control when it comes to speed, but you still have to steer.

Some can help with AI-powered security products, but I’ve seen too many false positives and missed threats. Here’s what I actually recommend:

• Use AI for assistance, not as a crutch.
• Add a human touch to AI — automation plus experience is hard to beat.
• Always be suspicious of the black box — if you can’t audit how it is working, be cautious.

Critical Cybersecurity Insights from Former NSA Director Mike McConnell

Former National Security Agency director Mike McConnell famously said, If the United States experienced a cyber–September 11 attack that caused large-scale physical damage as well as death, the country’s response would be limited only by the president’s tolerance for risk, because offensively inclined U.S. cyber–warriors would most likely destroy the entity that caused it.

They’re the kind of building-block tech that people tend to take for granted but that keeps networks safe.

• Firewalls aren’t just gatekeepers — they’re traffic cops too making real-time decisions.
• Servers need constant patching. The OS is the fuel to the engine that is your server; dirty fuel and you stall.
• Routers are the network’s steering wheel. Misconfigurations? You’re steering toward a ditch without realizing it.

I tell my clients often:

Don’t set it and forget it. Frequent audits and monitoring are essential.

Bringing It All Together

After decades of making my living this way, here’s what I know for certain:

• Cybersecurity isn’t static—it evolves. What was good yesterday may be bad tomorrow.
• Experience counts. I still learn new things all the time — and some of the best teachers have been screw-ups.
• It’s the layers that matter, not the single fix.
• Don’t fall for vendor hype, dig and question claims.

And lastly — if you’re still wavering on zero-trust or password policies or AI-driven security — remember this: Your network is your car on a road without traffic lights. The only way to avoid calamity is to pay attention, take good care of your ride and don’t trust the ride behind you without some cross-verification.

Get in Touch for Expert Cybersecurity Guidance

If you want to discuss more about how you can make your security as tight as possible, feel free to get in touch. I know, I know: Does it get any better than the birth of C?!?! But, trust me, as someone who’s been there since the days of multiplexers and ain’t afraid of no worm, it does. ​Because experience is not an option in Cybersecurity—it’s a requirement.