Like Customer information, Employee information refers to any non-public personal or sensitive information about a customer. Private data is categorized into three types – personally identifiable information (PII), payment card industry (PCI) data, and protected health information (PHI). PII includes information such as an employee's name, address, date and place of birth, phone number, and email address. PCI data includes financial information such as account and credit card details. PHI includes an employee's medical history.

Like Employee information, Customer information refers to any non-public personal or sensitive information about a customer. Private data is categorized into three types – personally identifiable information (PII), payment card industry (PCI) data, and protected health information (PHI). PII includes information such as a person's name, address, date and place of birth, phone number, and email address. PCI data includes financial information such as account and credit card details. PHI includes medical history.

Business continuity refers to the ability of an organization to maintain its essential functions and operations during and after a disruption by a cybersecurity breach. When a breach occurs, it can cause an organization’s critical systems to go offline, leading to a loss of productivity and revenue for the organization.

An organization’s Intellectual property (IP) refers to any intangible assets that are created or acquired by an organization and used to generate revenue. IP can include a wide range of assets, such as patents, trademarks, copyrights, trade secrets, and proprietary information. These assets are often central to an organization's competitive advantage and can be a key source of value. Some examples of IP include source code, legal contracts, bidding strategies, media content, knowledge base documents, chemical formulae and so on. Two main types of intellectual property (IP) can be identified – proprietary IP and confidential IP. Proprietary IP refers to assets that belong to the organization but are not confidential, such as marks, logos, and marketing materials. Confidential IP refers to the organization’s know-how and other information that is kept secret, such as the organization’s product’s source code.

An organization’s Reputation refers to the way it is perceived by its stakeholders, including its customers, employees, and investors. An organization's reputation can directly impact its revenue and ability to secure additional funding, as well as affect its stock price and investor confidence. A cybersecurity breach can significantly damage an organization's reputation. This simulation accounts for reputational damage, a significant but often overlooked cost of a breach. Unlike direct losses, it affects customer trust, stock value, and business opportunities over time. Many organizations struggle to track its impact amid immediate concerns, and cyber insurance typically does not cover it. While modeled on industry data, actual effects vary. This analysis helps organizations anticipate and mitigate long-term risks beyond direct financial penalties.