What Zen, Ancient Wisdom and Infrastructure Security Have in Common

Ancient wisdom continues to amaze me, and this struck me: Isn’t there a strong correlation between ancient philosophies and infrastructure security? This blog post does not look at measuring the superiority of any one school of thought, but explores possible learnings that can be implemented in a security environment.

From a philosophical perspective, for simplicity, let’s consider two parts of spiritual practices: one that looks at external activities, and the other at internal introspection.

Recognizing Patterns From External Activities

The looking-outward practice focuses on external deeds that should be restricted or practiced, categorizing them as ‘bad’ or ‘good’ for your spiritual journey. For example: giving in to anger and greed are categorized as bad, while patience and generosity are categorized as good. What is bad has been recognized through previous experiences, as it could lead to attacking a human weakness that could hinder enlightenment. Now let’s draw a parallel with security. The bad activity can be an ‘exploit’, which can attack a system and lead to it being compromised. Over a period of time, security experts have recognized patterns of typical exploits and are able to identify the exploit by its characteristics, hence preventing it from compromising IT infrastructure. This is the ‘signature based’ approach to protecting IT infrastructure.

Awareness of Self to Help Secure Vulnerabilities

Zen propagates the need for self-awareness. This deep internal understanding of the true self is considered as the first step to awakening. From a security perspective, we look at our existing IT infrastructure to be totally aware of its vulnerabilities. Once we understand the vulnerability, we shield it, hence the exploit’s form is not of prime importance. We are not patterning the external attack, but our total awareness of self is helping us secure our own vulnerabilities. This synchronizes with IBM’s approach to infrastructure security. IBM’s network, host and virtual intrusion prevention solutions use a technology called virtual patching to shield – vulnerabilities within the infrastructure, hence known or unknown attacks trying to exploit this vulnerability are decapitated and the system is secure.

Zen suggests multiple tools to achieve self-awareness: examples include Zazen (just sitting), Koan (Short stories) and Kinhin (walking meditation). IBM’s X Force team uses its research and various information sources as tools to create the largest database of vulnerabilities present in general IT environments. The knowledge of vulnerabilities is then transferred as virtual patches to the individual IPS agents that sit at the client’s datacenters, hence creating a protection shield.

Having a Mirror That Reflects Gaps

However, like individuals, each IT environment is different, with its own customized applications and products, which again opens up a new world of vulnerabilities. Zen emphasizes the importance of having a master, whose role is to be a mirror that reflects gaps that can hinder his pupil’s awakening.