A transparent walkthrough of every calculation — from incident base costs through regulatory fines to capability discounts. No black box. All numbers are explainable.
All cost benchmarks are conservative, directional estimates based on:

- IBM Cost of a Data Breach Report 2025: US average $10.22M (record); global $4.44M; AI/automation saves $1.9M and 80 days; shadow AI adds $670K
- Verizon DBIR 2025: Ransomware in 44% of breaches (+37%); third-party breaches doubled to 30%; vulnerability exploitation up 34%
- Ponemon Institute 2025/2026: 2026 Cost of Insider Risks: $19.5M avg annually; containment cost $211K per incident; AI adoption cutting containment time

All figures are estimates for planning purposes only and are not legal, financial, or insurance advice. Actual costs vary significantly by organization and incident specifics.
Choose from 8 incident categories, each with its own base cost, staffing profile, and typical response duration derived from 2025–2026 industry research.
Three independent multipliers scale the base cost to your organization's reality.
Each active compliance framework adds a fixed cost for documentation, reporting, and regulatory response. Data-exfiltration incidents also carry regulatory fine exposure.
The in-house discount is applied to staffing costs only — base costs, compliance, and regulatory fines are the same regardless of team model.
Existing security investments reduce the discountable portion of your costs — but never touch regulatory fines or notification costs.
The output gives you per-incident costs, annualized totals, a cost breakdown chart, regulatory details, and your highest-ROI capability investments.

- Base cost (before discounts): `baseCost = incidentBase × orgSize × industry × dataClass`
- Staffing (outsourced): `staffing = Σ(role × count × roleCost × durationHours)`
- Regulatory exposure (data-exfil incidents): `regulatory = baseFine + min(perRecordFine × records, orgCap)`
- Final per-incident cost (outsourced): `(baseCost + compliance + staffing) × (1 − capDiscount) + regulatory + notification`
- In-house equivalent: replace staffing with `staffing × (1 − inHouseDiscount)`

capDiscount = sum of selected capability discounts, capped at 65%. Regulatory costs are never discounted — they are externally imposed.
| Type | Base Cost | Duration | Key Roles | Regulatory Exposure |
|---|---|---|---|---|
| Data Breach | $50,000 | 80h | Analyst ×2, Manager, Forensic | Yes |
| Ransomware | $85,000 | 120h | Analyst ×3, Forensic ×2, Recovery ×2, Manager | Yes |
| DDoS Attack | $25,000 | 48h | Analyst, Network ×2 | No |
| Insider Threat | $60,000 | 100h | Analyst ×2, Manager, Forensic, Legal | Yes |
| Phishing Campaign | $20,000 | 40h | Analyst, Manager | No |
| Supply Chain Attack | $95,000 | 180h | Analyst ×3, Manager ×2, Forensic ×2, Recovery ×2, Legal | Yes |
| Cloud Misconfiguration | $35,000 | 60h | Analyst ×2, Manager, Network | No |
| AI/ML System Attack | $55,000 | 96h | Analyst ×2, Manager, Forensic | No |
Base costs before org size, industry, and data classification multipliers. Staffing costs are additional. Hourly rates: analyst $165, manager $265, forensic $325, recovery $225, network $195, legal $400.
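
The formulas and table above, combined into one calculation as an added JavaScript example (not the calculator's own code). The incident rows and hourly rates are copied from this page; the function names and every input in `SAMPLE` (multipliers, compliance, notification, fine parameters, discounts) are constructed assumptions, as is treating regulatory exposure as zero for incident types marked "No".

```javascript
// Added example: hourly rates and two rows of the incident table, copied from this page.
const RATES = { analyst: 165, manager: 265, forensic: 325, recovery: 225, network: 195, legal: 400 };
const INCIDENTS = {
  ransomware: { base: 85000, hours: 120, regulatory: true,
                roles: { analyst: 3, forensic: 2, recovery: 2, manager: 1 } },
  ddos:       { base: 25000, hours: 48, regulatory: false,
                roles: { analyst: 1, network: 2 } },
};
const CAP_DISCOUNT_MAX = 0.65; // stated cap on the summed capability discounts

// staffing = sum over roles of count x roleCost x durationHours
function staffingCost(incident) {
  return Object.entries(incident.roles)
    .reduce((sum, [role, count]) => sum + count * RATES[role] * incident.hours, 0);
}

// regulatory = baseFine + min(perRecordFine x records, orgCap); zero without exposure
function regulatoryExposure(incident, p) {
  if (!incident.regulatory) return 0;
  return p.baseFine + Math.min(p.perRecordFine * p.records, p.orgCap);
}

// Returns outsourced and in-house per-incident estimates, rounded to whole dollars.
function perIncidentCost(type, p) {
  const incident = INCIDENTS[type];
  if (!incident) throw new Error(`unknown incident type: ${type}`);
  const baseCost = incident.base * p.orgSize * p.industry * p.dataClass;
  const staffing = staffingCost(incident);
  const capDiscount = Math.min(p.capabilityDiscounts.reduce((a, b) => a + b, 0), CAP_DISCOUNT_MAX);
  const undiscounted = regulatoryExposure(incident, p) + p.notification; // never discounted
  const total = (staff) =>
    Math.round((baseCost + p.compliance + staff) * (1 - capDiscount) + undiscounted);
  return {
    capDiscount,
    outsourced: total(staffing),
    inHouse: total(staffing * (1 - p.inHouseDiscount)),
  };
}

// Constructed inputs: every value below is an assumption, not a figure from the page.
const SAMPLE = {
  orgSize: 1.5, industry: 1.25, dataClass: 1.0,
  compliance: 15000, notification: 25000,
  baseFine: 50000, perRecordFine: 2, records: 100000, orgCap: 150000,
  capabilityDiscounts: [0.25, 0.25, 0.25], // sums to 0.75, so the 65% cap applies
  inHouseDiscount: 0.5,
};

console.log(perIncidentCost("ransomware", SAMPLE));
```

With these inputs the selected capabilities sum to 75% but only 65% is applied, and the $200,000 regulatory exposure plus notification pass through undiscounted in both team models.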
© 2026 ircost.breached.company — Part of the CyberAdX Network