The purpose of the research, in this report, is to understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.