SCP-5796 Unknown ~ medium confidence
SCP-5796
Expected annual
$13.7M
One-time setup
$4.1M
Annual recurring
$13.5M
Personnel
20
Initial containment and research require a multi-million-dollar one-time buildout (~$4.13M) and substantial ongoing operations dominated by staffing, productivity losses, and monitoring tooling (~$13.46M/yr). Major drivers are continuous SOC/monitoring, staff wages, long-term forensic logging, legal/PR contingencies, and organizational productivity impacts.
🏗️ One-Time Capital Costs Total: $4.1M
Legal Cover Reserve $850K
[#14] Legal, compliance & cover-story fund (initial containment legal work, NDAs, contingency payouts, drafting cover stories).
Facilities $750K
[#1] Secure analysis laboratory (air-gapped, TEMPEST-hardened workstations, Faraday shielding, physical evidence storage) — buildout, secure cabinets, biometrics, EMP/lightning protection, on-site backup appliance.
Initial Research And Lab Setup $700K
[#18] Initial research grant and laboratory setup dedicated to anomalous web artifact research, server code analysis, memetic testing and initial experiments.
Public Misinformation Retainer $450K
[#27] Public-facing misinformation & media control retainer / emergency fund to counter leaked URL/screenshots.
Equipment $398K
[#2, #3] Dedicated containment & research servers, isolated VMs, storage array, HSM; network segmentation & privileged access appliances (NAC, next-gen firewalls, microsegmentation).
Sandbox Viewer Development $275K
[#7] Development of sandboxed "read-only/metadata-only" viewer & sanitization tools (secure development and pentesting).
Iam Migration $260K
[#9] Personnel access control overhaul (IAM/PAM migration, RBAC, passwordless/2FA changes, migration and training rollouts).
Internal Tooling Dev $150K
[#25] One-time software development for internal tooling (access logs UI, case management, immutable-log displays).
Disaster Recovery One Time $125K
[#22] Disaster recovery & redundancy setup (cold/hot DR sites, backups initial configuration).
Training Program Initial $100K
[#11] Initial personnel training, discipline protocol, awareness suppression program setup and onboarding materials.
Physical Security Upgrades $75K
[#20] Physical security upgrades for rooms/devices permitted to access SCP-5796 (secure cabinets, safes, biometric locks).
🔄 Annual Recurring Costs Total: $13.5M/yr
Productivity Loss $8.0M/yr
[#26] Productivity & opportunity cost due to restricted internal directory access (order-of-magnitude estimate: ~1% productivity hit for 10,000 staff).
Staff Wages $2.1M/yr
[#5, #6, #13, #21, #29] Salaries & benefits: dedicated cybersecurity/forensic team (item #5), SOC analyst staffing portion (item #6), content moderation staff portion (item #13), guards/badge enforcement wages (item #21), administrative/committee support (item #29).
Replacement Reassignment Budget $600K/yr
[#28] Replacement / reassignment costs for high-risk individuals (temporary isolation, reassignment incentives, protective custody costs).
Psychological Counseling $400K/yr
[#16] Psychological counseling & EAP expansion for affected personnel (therapy sessions, memetic counseling specialists).
Ongoing Research Funding $400K/yr
[#19] Ongoing anomalous research funding for continued staffing, experiments, sample collections and travel.
Internal Affairs Investigations $275K/yr
[#17] Internal affairs / incident investigation per-case budget (interviews, psych evals, temporary reassignments) estimated from example incident rates.
Soc Ops Tooling $255K/yr
[#6] SOC monitoring tooling, shift overtime pool and on-call tooling (split of item #6 between wages and ops/tools).
Technical Countermeasures Rnd $225K/yr
[#24] Ongoing R&D for proxies, content sinks, honeypots and deception tooling to study/mitigate SCP-5796-assisted social engineering.
Cover Story And Legal $165K/yr
[#15] External legal retainer and litigation insurance (ongoing counsel and premiums).
Siem Forensic Storage $165K/yr
[#8] Continuous logging, SIEM licensing and long-term forensic storage (WORM, retention costs, indexing).
Dlp Systems $165K/yr
[#23] Data Loss Prevention systems & exfiltration control licensing/ops.
Network Security Licensing $130K/yr
[#4] Network & security licensing and maintenance (firewall subscriptions, NAC licenses, support contracts).
Compliance Retraining Audits $120K/yr
[#12] Ongoing compliance & retraining / audits, refresher training and remedial actions.
Content Moderation Tooling $105K/yr
[#13] Automated content filters, NLP scanners and tooling for content moderation (split of item #13 tooling vs. staff wages).
Iam Pam Licenses $95K/yr
[#10] IAM / PAM license & operational costs (hardware tokens, replacements, helpdesk overhead).
Consumables Travel Misc $80K/yr
[#30] Consumables, travel & miscellaneous (secure transport of forensic disks, travel for interviews, specialized test consumables).
Sandbox Maintenance $65K/yr
[#7] Ongoing maintenance for sandboxed viewer & sanitization tools (updates, pentesting, bugfixes).
Software Maintenance $65K/yr
[#25] Recurring maintenance & updates for internal tooling (access logs UI, case management).
Disaster Recovery Maintenance $50K/yr
[#22] Recurring replication/DR maintenance, replication bandwidth and verification costs.
Facilities Maintenance $0/yr
[]
Supplies And Consumables $0/yr
[]
Research And Monitoring $0/yr
[]
Logistics And Transport $0/yr
[]
Cost Scenarios
📊 Baseline (baseline) $13.5M/yr
69.0% probability / year
Normal, uneventful year with routine monitoring, training, audits and standard operations.
no major incidents routine audits standard staff turnover
🚨 Minor Incident $13.7M/yr
25.0% probability / year +$200K vs baseline
Localized incidents such as small insider access, a handful of unauthorized accesses, or several personnel breaches requiring investigations and modest legal/PR work.
insider access discovered several disciplinary investigations limited legal/PR engagement
🚨 Major Breach $15.5M/yr
5.0% probability / year +$2.0M vs baseline
Significant exposure or coordinated misuse (wider personnel compromise, targeted campaigns), triggering large legal actions, broader containment response, overtime hiring and increased monitoring.
coordinated messaging campaign widespread unauthorized access legal class-action or major whistleblower activity
🚨 Catastrophic Public Exposure $23.5M/yr
1.0% probability / year +$10.0M vs baseline
URL or screenshots leak to public or civilian entities resulting in large-scale litigation, national media exposure, heavy regulatory scrutiny and extreme productivity/retention impacts.
public leak of URL or data media/regulatory investigation mass litigation or settlements
👥 Personnel 20 total
Role Count Notes
Cybersecurity / Forensic Analyst 5 [#5] Dedicated cybersecurity / forensic team (2–4 analysts + 1 lead; budgeted as 5 FTE).
Security Officer / SOC Analyst 6 [#6] 24/7 SOC monitoring & incident response coverage (shift staffing portion reflected here).
Content Moderator 3 [#13] Content moderation team (human moderators portion reflected in wages).
Security Guard 3 [#21] Guarding & badge enforcement for sensitive areas (armed/secured site guards).
Administrative Staff 3 [#29] Administrative overhead for containment governance (director committee support, recordkeeping, secretarial support).
📋 Confidence Notes
Analyst notes provide detailed line-item ranges and plausible operational assumptions, allowing mid-point estimates; uncertainty remains around frequency of incidents, true productivity loss magnitude, and legal exposure variability, so confidence is medium.
← SCP-5795 ↑ All SCPs SCP-5797 →