SCP-8592 — SCP-8592 | Cost Breakdown

Read on SCP Wiki ↗

SCP-8592 Unknown ~ medium confidence

SCP-8592

Expected annual

$447K

One-time setup

$2.9M

Annual recurring

$438K

Personnel

Upfront one-time tooling and isolation (sandbox VMs, dev work, UI changes) are modest but a worst-case full network rebuild can push costs into the millions; baseline annual operations are dominated by staffing, SIEM/logging, and research/backup costs.

🏗️ One-Time Capital Costs Total: $2.9M

Network Rebuild Contingency $2.8M

[#20] Worst-case full SCiPnet migration / rebuild contingency; midpoint of $0.5M–$5M+ used for planning contingency.

Sandbox Vm Cluster $72K

[#1] One-time secure VM cluster / on-prem hardware or air-gapped virtual environment build; midpoint of $25k–$120k.

Automated Profile Integrity Development $30K

[#3] One-time development of profile-integrity monitor and rollback service; midpoint of $15k–$45k.

Endpoint Protection One Time $30K

[#19] One-time endpoint protection / application whitelisting deployment costs; midpoint of $10k–$50k.

Ui Flagging Dev $19K

[#16] One-time UX dev to add 'unverified department' flags and report buttons; midpoint of $8k–$30k.

Mail Gateway Implementation $15K

[#2] One-time implementation of mail-gateway filter rules and quarantine automation; midpoint of $5k–$25k.

Honeypot Build $7K

[#9] One-time build of honeypot/occupation projects (dummy research entries/inboxes); midpoint of $2k–$12k.

Training Content $6K

[#8] One-time creation of training / awareness content; midpoint of $3k–$8k.

Facilities $0

[]

Equipment $0

[]

Initial Research And Lab Setup $0

[]

🔄 Annual Recurring Costs Total: $438K/yr

Staff Wages $142K/yr

[#5, #7] SOC monitoring/incident handler (0.5–1.0 FTE) + 0.2 FTE security analyst and HR/records admin (0.25–0.75 FTE); combined midpoint estimate.

Research And Monitoring $80K/yr

[#10] Small dedicated research budget for anomaly characterization (PI 0.2 FTE, tech 0.5 FTE, compute time); midpoint of $40k–$120k.

Cover Story And Legal $48K/yr

[#13] Legal/cover-story retainer for internal memos, NDAs, and investigations; midpoint of $20k–$75k.

Siem License $35K/yr

[#4] Increased logging/SIEM licensing and retention costs; midpoint of $10k–$60k/yr.

Incident Response Retainer $35K/yr

[#6] Forensic/cybersecurity retainer (annual); midpoint of $20k–$50k/yr. (Per-incident fees handled in scenarios.)

Change Control Audit $25K/yr

[#17] Regular change-control audits and associated labor/tooling; midpoint of $10k–$40k/yr.

Exercises $15K/yr

[#18] Tabletop and live DR/blue-team exercises; midpoint of $5k–$25k/yr.

Endpoint Licensing $12K/yr

[#19] Ongoing endpoint protection licensing and whitelisting fees; midpoint of $5k–$20k/yr.

Supplies And Consumables $8K/yr

[#21] Miscellaneous consumables, couriering forensic media, travel, small hardware replacements; midpoint of $2k–$15k.

Backup Immutability $8K/yr

[#11] Increased backup frequency and immutable retention costs; midpoint of $2k–$15k/yr.

Automated Profile Integrity Ops $6K/yr

[#3] Ongoing operations for profile-integrity daemon (hosting/ops); midpoint of $3k–$10k/yr.

Psychological Support $6K/yr

[#15] Employee assistance / counseling support for affected staff; midpoint of $2k–$10k/yr.

Forensic Archival $6K/yr

[#12] Forensic-grade, write-once archival of manifested communications and artifacts; midpoint of $1k–$10k/yr.

Mail Gateway Maintenance $3K/yr

[#2] Ongoing maintenance and rule tuning for mail-gateway filters; midpoint of $1k–$5k/yr.

Training Refresh $3K/yr

[#8] Periodic refresher delivery and training upkeep; midpoint of $1k–$5k/yr.

Honeypot Maintenance $3K/yr

[#9] Ongoing honeypot administration/maintenance; midpoint of $500–$5k/yr.

Ui Flagging Maintenance $2K/yr

[#16] Ongoing maintenance for UI/flagging/report button; midpoint of $1k–$3k/yr.

Facilities Maintenance $0/yr

[]

Logistics And Transport $0/yr

[]

Public Relations $0/yr

[#14] PR/externally-facing misinformation management is event-driven (per-event costs), not baseline recurring; recurring baseline set to $0/yr.

⚡ Cost Scenarios

📊 Baseline (baseline) $438K/yr

94.8% probability / year

Normal year with no major incidents: ongoing monitoring, rule tuning, backups, staffing, SIEM, and small research/honeypot operations.

no incidents routine operations

🚨 Minor Incident $503K/yr

5.0% probability / year +$65K vs baseline

Single investigatory incident requiring extra forensics, legal work, and limited PR/response; no full rebuild.

isolated compromise or unusual manifestations one-off forensic investigation legal/internal inquiry

🚨 Major Breach $3.4M/yr

0.2% probability / year +$3.0M vs baseline

Severe event requiring full network rebuild/migration and major legal/PR response.

decision to rebuild or excise SCP-8592 from production widespread data corruption or public leak

👥 Personnel 3 total

Role	Count	Notes
Sysadmin / Incident Handler	1	[#5] 0.5–1.0 FTE monitoring and incident triage (represented as one assigned role in headcount).
Security Analyst	1	[#5] ~0.2 FTE security analyst for filter/script maintenance (represented as one shared analyst in headcount).
Administrative Staff	1	[#7] HR/records admin (0.25–0.75 FTE) for auditing and manual corrections; represented as one staff member in headcount.

📋 Confidence Notes

Estimates are drawn from analyst-provided ranges; midpoints were used where ranges were wide (notably the network rebuild contingency). SCP behavior and trigger frequency are described but have uncertainty, and high-impact events have broad ranges, yielding medium confidence.

← SCP-8591 ↑ All SCPs SCP-8593 →