I’ve been a fan of security guru Bruce Schneier for a long time.  In this article from his website, he explores recent research conducted by RAND on the cost corporations bear for cybersecurity breaches.  Interestingly, the research suggests that the costs are often much lower than expected.  Schneier counters this perspective by highlighting that other externalities (costs born by others) weren’t being considered in the research.

The article is definitely worth a read and I’ll be scheduling out the research soon.