In the context of cyber security of any organization of your choice (you can use an organization that you have studied, or makeup one)  explain 3 cost areas and provide the cost (money) involved. You may assume the reasonable cost (or makeup one) by including any direct and indirect cost. 

Provide justification on why that is the estimated cost. Next, for each cost area support how the benefit is realized. It would be ideal if you could quantify the benefit in terms of money but it may not be always easy to do so. Let me provide a short example and you can follow this pattern and expand on that. The cost of purchasing new software is $1,000 and that software is used to support the new health regulations compliance law. 

If this new software is not purchased, then the organization will incur a penalty of $200 per month. As such, the one-time cost incurred is $1,000 and it will break even in 5 months (as in 5 months the company had to pay a penalty of $1,000). The goal of this discussion is to help students realize that an investment is made to realize a benefit (strategic, operational, competitive, compliance, loss of opportunity, etc.), and the new investment should break even at a certain point in time.