From 6162bb474fe73dfcc1227c178ddd452fa9445303 Mon Sep 17 00:00:00 2001 From: "Claude Sonnet 4.6" Date: Fri, 5 Jun 2026 09:59:12 +0000 Subject: [PATCH] fix: Replace cloud AI cost rows in business case direct costs table Remove 'Cloud AI vendor price shock' (not a security risk; unverifiable number) and 'Competitive intelligence loss from AI training' (inaccurate claim that contradicts corrections made throughout the framework). Replace with: - Incident response and forensics (EUR 150-500K, real range) - Business interruption during recovery (client-specific daily revenue) All five rows now map directly to risks the programme addresses and are quantifiable in a CFO conversation. Co-Authored-By: Tom Kracmar --- .../playbooks/business-case-template.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/antifragile-consulting/playbooks/business-case-template.md b/antifragile-consulting/playbooks/business-case-template.md index 8f7c129..23c027b 100644 --- a/antifragile-consulting/playbooks/business-case-template.md +++ b/antifragile-consulting/playbooks/business-case-template.md @@ -27,11 +27,11 @@ This template provides a reusable structure for building financial justification | Risk Category | Probability (Client-Specific) | Average Industry Cost | Expected Value | |--------------|------------------------------|----------------------|----------------| -| Ransomware incident (recovery + downtime) | [X]% | €4.5M | €[X * 4.5M] | -| Regulatory fine (DORA / NIS2 / national) | [X]% | 1-2% global turnover | €[X * % GT] | -| Data breach notification and remediation | [X]% | €3.8M (per IBM Cost of Data Breach Report) | €[X * 3.8M] | -| Cloud AI vendor price increase / lock-in | [X]% | 200-500% price shock | €[X * shock] | -| Competitive intelligence loss (cloud AI training) | [X]% | Unquantifiable but existential | High | +| Ransomware incident (recovery + downtime) | [X]% | €4.5M average (IBM 2024) | €[X * 4.5M] | +| Regulatory fine (DORA / NIS2 / national) | [X]% | Up to 2% global turnover (NIS2); up to 1% daily (DORA) | €[X * % GT] | +| Data breach notification and remediation | [X]% | €3.8M average (IBM Cost of Data Breach 2024) | €[X * 3.8M] | +| Incident response and forensics | [X]% | €150K–500K (external IR firm + legal + crisis comms, independent of breach cost) | €[X * 325K] | +| Business interruption during recovery | [X]% | €[daily revenue] × [estimated downtime days] — client-specific | €[X * daily] | **Calculation**: