BreachCalc
Cyber impact translated into dollars (capacity-scaled)
Guide

Get access to BreachCalc

Enter your details to continue to the energy calculator. Name and email are required.

We use your details to provide access to this calculator.
Cyber impact planning

Estimate what a cyber incident could cost your energy operations.

Use public cyber benchmarks to model a typical one-time impact, a severe stress case, and an expected annual exposure number for your site or portfolio.

The calculator runs in-browser after access is granted, and share links include inputs in the URL, so avoid sensitive values.
1
Enter capacity
Use a single site, a regional portfolio, or your full fleet in MW or GW.
2
Set planning likelihood
Choose a conservative, moderate, or elevated annual likelihood for budgeting and tabletop discussions.
3
Use the three outputs
Median for planning, severe for stress testing, and ALE for annual exposure conversations.

Inputs

%
Likelihood is a planning lever, not a claim. Set it to fit your operating environment, control maturity, and risk appetite.
Under the hood: we normalize selected public anchors into $/MW and scale linearly to your capacity.

Impact overview

Typical one-time impact (median)
-
-
Severe one-time impact (high end)
-
-
Expected annual impact (ALE)
-
-
How to read this: typical is a median planning anchor, severe is a high-end stress case from selected public incidents, and expected annual impact is the median multiplied by your planning likelihood.
Executive brief
-
  • Use typical impact for budget and board discussions.
  • Use severe impact for tabletop exercises and resilience planning.
  • Use ALE as a simple annual exposure number, not a forecast.
Method, benchmarks, and sources
What the cost represents
Public figures can reflect different components. In practice, a material incident often includes some mix of:
  • Incident response: containment, forensics, restoration, and overtime
  • Operational disruption: downtime, lost production, manual workarounds
  • External support: IR retainers, OT specialists, legal, PR, notifications
  • Regulatory and contractual impacts: penalties, audits, customer remediation
Method (transparent math)
impact_per_MW = published_amount_USD / reference_MW
one_time = impact_per_MW * your_capacity_MW
ALE = one_time(median) * (annual_likelihood / 100)
Reference MW is disclosed per benchmark so the normalization is auditable.
Assumptions and limitations
  • Linear scaling is an intentional simplification for executive translation (blast radius and architecture vary).
  • Benchmarks mix different bases (demand vs paid vs disclosed costs vs survey medians). Each row is labeled.
  • Expected annual impact (ALE) is a planning metric. It is not a forecast and not underwriting.
Security and privacy
  • Registration details are used only to provide access to this page.
  • No external scripts/fonts and no third-party network calls (links below are only for user navigation).
  • Share links encode inputs in the URL query string. Avoid using sensitive values if you plan to share.
Benchmarks in use
Toggle benchmarks on/off for sensitivity or to align the basis (demand/paid/disclosed/survey). This updates the results above.
Benchmarks and citations
Benchmark Published Basis Reference MW Normalized Sources
Normalized impact summary (selected benchmarks)
-
Legal / usage
BreachCalc is an executive translation aid. It is not financial, legal, or insurance advice. Public figures may not represent total loss. Use with professional judgement.