SCP-7248
Safe
~
medium confidence
SCP-7248
Expected annual
$1.0M
One-time setup
$1.4M
Annual recurring
$955K
Personnel
4
One-time setup and contingency funding (~$1.39M) dominate initial costs (lab, quarantine build-out, payroll-contingency). Recurring annual baseline costs (~$955k/year) are driven by IR staff, EDR/SIEM licensing, external IR retainers, training, and insurance; per-incident payroll reimbursements and investigations can add hundreds of thousands to millions for outbreaks.
One-Time Capital Costs
Total: $1.4M
Annual Recurring Costs
Total: $955K/yr
Cost Scenarios
📊
Baseline
(baseline)
$955K/yr
Uneventful year with only ongoing prevention, staff, and tooling costs; no successful large-scale charge incidents.
no successful large-scale infections
regular operations and maintenance
🚨
Minor Incident
$1.4M/yr
Single-department outbreak (order ~50 employees affected) requiring external IR engagement, reimbursements, and modest legal/accounting work.
single-department successful arhg.exe execution
payroll charges to dozens of employees
need for external IR surge
🚨
Major Outbreak
$2.8M/yr
Multi-department outbreak (hundreds of employees affected) with large reimbursements, extended forensics, and heavy PR/legal exposure.
cross-department 5: 1multiplication escalates spread
large number of successful payroll charges
major external investigations and potential settlements
🚨
Public Exposure
$2.0M/yr
Information leakage or external exposure triggers regulatory action, heavy PR/legal costs, and fines.
press/regulatory exposure
data-breach notifications or whistleblower action
major legal/regulatory fines
Personnel
4 total
| Role | Count | Notes |
|---|---|---|
| IR Lead | 1 | Senior incident response coordinator included in staff_wages [#4]. |
| IR Analyst | 2 | Two full-time incident response/monitoring analysts included in staff_wages [#4]. |
| Malware Analyst | 1 | Malware/sandbox analyst (on-call) included in staff_wages [#4]. |
Confidence Notes
Line-item costs (licenses, staffing) are reasonably well-bounded, but incident frequency and scale (payroll reimbursements, recoverability of funds, legal exposure) are highly uncertain; scenario probabilities are analyst estimates.