Would that all modelers used this
The Modelers' Hippocratic Oath
~ I will remember that I didn't make the world, and it doesn't satisfy my equations.
~ Though I will use models boldly to estimate value, I will not be overly impressed by mathematics.
~ I will never sacrifice reality for elegance without explaining why I have done so.
~ Nor will I give the people who use my model false comfort about its accuracy. Instead, I will make explicit its assumptions and oversights.
~ I understand that my work may have enormous effects on society and the economy, many of them beyond my comprehension.
First off, note the date above: January 09 was the thick of it, boys and girls. The irresponsible, flawed models of the financial world, like Value at Risk, basically brought the world to a standstill.
We have not seen anything that gnarly so far in infosec, but many of the models in wide use in infosec have the same lack of attachment to the real world as Value at Risk, derivative accounting, efficient market theory and modern portfolio theory. Incidentally, the bulk of these theories are based on the work pioneered by Nobel prize winner Robert C. Merton, who was Chief Scientist of the bankrupt Long Term Capital Management (1998) and Chief Science Officer of the Trinsum Group (bankrupt 2009). For some people, it truly is a matter of "well, that's all very well in practice, but will it work in theory?" Pursuit of pseudoscience is extremely dangerous.
You might ask yourself why Goldman Sachs came out of the crisis so much better than others. I highly recommend All the Devils are Here as a history of the financial crisis; consider this passage:
At most Wall Street firms, the back office - made up of the controllers and risk managers and accountants - is a kind of no man's land. Back office employees don't produce revenue, are paid less, and are generally treated like inferiors. But at Goldman, this organization was called "the Federation," and it was powerful. It included a separate group of controllers who independently checked traders' marks. ...
But the single most important thing was this: at Goldman, people talked to each other, all the time, about what was going on in the firm and on the trading desks - both the good and the bad....
Those simple acts - a trader telling his manager that something was wrong, the executive understanding what the trader was saying - would turn out to be disconcertingly rare among Wall Street's highly paid and supposedly accomplished elite.
Note that the book is no homily to Goldman; the authors show plenty of things that Goldman does wrong. But the key organizing principle of protecting the firm's assets, and organizing communications around that, was flat out lacking elsewhere. Relying on bogus formulas instead of observing what was actually happening drove AIG, Lehman, Bear and plenty of others right off the cliff.