On Wed, Oct 12, 2011 at 9:14 PM, gillis jones <[email protected]> wrote: > Hi Guys, > > First and foremost, apologies if you feel this is spam- don't mean to, just > trying to harvest some knowledge... I am looking into the overall cost of a > hack, trying to figure out what kind of actual costs are incurred by > businesses when they are hacked, so a few things: > > Do you have any real world figures you would be able to provide me, > officially or unofficially- that would reflect the real cost to business of > hacking? These Include: > > A. Any cost for personnel repurposing. > B. Any cost of resources for Bandwidth, Cloud Computing > Cycles Consumed, or other miscellaneous expenses associated with an active > attack. > C. Cost of regulatory compliance updates ( So, say > someone is inside of PCI compliance during an attack, the cost of re-upping > their compliancy and any associated costs.) > D. Hard losses due to product stolen/destroyed/rendered > useless > E. Projected losses due to customer turnover and/or loss > of customer trust relationship. > F. Customer Interaction/Trust Relationship Costs > (Notifications,Call Center Volume Redistribution for Questions regarding > breach, Discounts) > G. Losses due to fines and lawsuits > H. Cost of Public Relations Management > > I am trying to come up with some idea of what the real cost is, not just the > cost that corporations cite when they want to look like they are paying the > price already for their "sins" but not enough that stockholders take > notice... Similar was recently asked on SecurityFocus mailing list. See "financial loss estimates? ", http://www.securityfocus.com/archive/105/520013/30/0/threaded.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
