29
CHAPTER 3: COST FACTORS OF A
BREACH
In this chapter we will analyse and examine the
diverse cost factors of a breach, ultimately
comparing these with the implementation cost of
an ISMS, thereby hoping to serve all those CISOs
and CSOs who have to justify their budget on a
daily basis. There are cases in which simply
paying for the breach will actually be less costly
than implementing an ISMS, but this is an absolute
exception and does not work long term. Long
term, if you are high-profile enough, you may well
be attacked by unsophisticated or sophisticated
means, and the cost of implementing an ISMS will
always be lower than the cumulated cost of caring
for breaches.
We can differentiate between two types of cost
factors: those that ...