14. Costs that we should be able to discover and/or estimate:
Lost productivity
Incident response and forensics costs
Costs of replacing lost or damaged hardware, software, or
information
Public relations costs
Legal costs
Costs of sending letters to notify customers and business
partners
Costs of providing credit monitoring
Fines from governmental action (HIPAA/HITECH, FTC, State
Attorneys General, etc.)