D’Amico, A. D. (2000). What does a computer security breach really cost. Secure Decisions, Applied Visions Inc.
Objective: Many CEOs and CIOs are slow to invest in computer security because they do not know how to measure their Return on Investment (ROI). No one has shown them the actual costs associated with not investing in computer security. The objective of this paper is to provide the information security officer with objective data about the actual cost of computer security breaches to commercial companies. The information presented herein can be used as input into the ROI analyses to support security procurements.