Reference / Operator

About IncidentCost.com

An independent reference for the cost of cyber-incident response and IT-incident management. Operated by Digital Signet, founded by Oliver Wakefield-Smith. Built so the budgeting question for IR retainers, breach response, ransomware negotiation and downtime calculation can be answered without an MSSP sales call.

Why we built it

Incident response cost is one of the most ungovernable budget lines in security: the headline is a retainer fee, but the real cost is the per-hour rate when an actual incident happens, plus forensics, plus legal, plus PR, plus the downtime hit. Most public guidance comes from IR firms selling the retainer or insurers selling the policy. This site exists to publish defensible figures across all of those components, with per-incident-severity cost models and a calculator that translates a hypothetical breach into a budget figure.

Who runs this site

Oliver Wakefield-Smith, founder of Digital Signet
Oliver Wakefield-Smith
Founder, Digital Signet

Oliver runs Digital Signet, an independent AI-development studio that builds data-led pricing and decision tools using public datasets. After 20 years as a solutions architect and tech lead across media, utilities, satellite, and data, he founded Digital Signet to apply autonomous AI development methodology to real software at scale.

Reach Oliver: [email protected]. Profile: LinkedIn.

About the studio

This site is operated by Digital Signet, an independent AI-development studio founded by Oliver Wakefield-Smith. It is part of a portfolio of consumer cost-reference and calculator sites we run as a live R&D lab for our Signet methodology, an autonomous AI development team that ships real software at scale.

Digital Signet does not sell incident-response retainers, does not run a forensics practice, does not broker cyber insurance, and does not accept paid placements from any IR firm or cyber insurer. Editorial direction is set by Oliver. Drafts are produced via Digital Signet's autonomous AI development methodology and reviewed against the editorial framework before publication.

For consulting enquiries (fractional CTO, AI product strategy, autonomous-dev-team setup): see digitalsignet.com.

What we hold to

  • Source pattern. Built on public reference material across the relevant publisher landscape.
  • No paid placements. Does not sell incident-response retainers, does not run a forensics practice, does not broker cyber insurance, and does not accept paid placements from any IR firm or cyber insurer. Independent of every named third party in the relevant space.
  • Math is documented inline. Where the site has a calculator, inputs and assumptions are visible on the calculator page. Nothing is hidden behind opaque scoring.
  • Update only when underlying reality changes. Triggers: New IBM Cost of a Data Breach Report or DBIR edition; Material movement in cyber-insurance market pricing (>15% over 12 months); New ransomware-payment guidance from Treasury / OFAC; Major IR firm pricing-model change.

Contact

For corrections, methodology questions, or scenarios that don't fit cleanly: [email protected].

Read next

How we source data

Sources and refresh discipline.

Incident cost calculator

Translate a scenario to a budget figure.

IncidentCost.com is an independent educational resource. All cost figures are drawn from published industry research including IBM's Cost of a Data Breach Report, Ponemon Institute Cost of Insider Risks Report, Verizon Data Breach Investigations Report, Atlassian incident management research, and PagerDuty incident surveys. This site is not affiliated with IBM, Ponemon Institute, Verizon, Atlassian, PagerDuty, or any security vendor. Figures are for educational and planning purposes only.

Updated 2026-04-27