I found it interesting that there are two Hippocratic Oaths: the original and a ‘modern’ one from 1964. In this new version I was fascinated with "those twin traps of overtreatment and therapeutic nihilism". This modern version reads much better. Here is a take on it if we in ITsec were ‘professionals’ and took an oath true to Hippocrates and not to be hypocrites:
I swear to fulfill, to the best of my ability and judgment, this covenant:
I will respect the hard-won scientific gains of those old cryptographers in whose steps I walk, and gladly share such knowledge as is mine with those who are to follow.
I will apply, for the benefit of the sick networks, all measures [that] are required, avoiding those twin traps of the kneejerk ‘NO’ and consumerization nihilism.
I will remember that there is art to security as well as science, and that security posters do not outweigh the firewall or the SIEM.
I will not be ashamed to say "I know not," nor will I fail to call in my colleagues when the skills of another are needed for a forensic recovery.
I will respect the privacy of my pen-test clients, for their problems are not disclosed to me that the world may know. Most especially must I tread with care in matters of SSNs and PCI data.
If it is given me to save a network, all thanks. But it may also be within my power to take down a botted network or NAC a host; this awesome responsibility must be faced with great humbleness and awareness of my own and my career’s frailty. Above all, I must not play at being a member of the executive team.
I will remember that I do not treat a virus, a rogue VM, but a company, whose troubles may affect the employees and their personal economic stability. My responsibility includes these related problems, if I am to care adequately for the hosts.
I will prevent malware whenever I can, for prevention is preferable to post-infection removal.
I will remember that I remain a member of the internet, with special obligations to all my fellow human beings, those sound of mind and body as well as the novice users and vendors.
If I do not violate this oath, may I enjoy life and the odd rare and random upgrade to business class, respected while I live and remembered with affection thereafter. May I always act so as to preserve the finest traditions of my calling and may I long experience the joy of sending links to those who seek my help.
2 responses so far ↓
1 Interesting Information Security Bits for 12/16/2008 at Infosec Ramblings // Dec 16, 2008 at 4:45 pm
[...] is just nifty. ITSec Non-Hypocritical Oath Tags: ( creed [...]
2 Stiennon // Dec 23, 2008 at 4:56 pm
I love this bit: “may I enjoy life and the odd rare and random upgrade to business class”
Is “odd rare and random” a triple tautology?
-R