After an attack, an organization will have to do everything it can to salvage itself. The aftermath of a serious attack is not pretty, and lots of funds have to be used to clean up the mess created by the hackers. Some companies prefer to do a complete audit of their information systems to find out the exact causes or influential factors in the attack. Post-breach activities, such as IT audits, can unearth important information that can be used to prevent the same type of attack from being executed. Some companies prefer to pay for digital forensics experts to identify the cause of an attack as well as track the hackers or the data and money stolen. Digital forensics is sometimes even able to recover some of the lost assets or funds. For instance, Ubiquiti Networks was hacked in 2015 and $46,000,000 was stolen through social engineering. Using digital forensics, $8,000,000 was recovered in one of the overseas accounts that the hackers requested the money be sent to. Sometimes all the stolen money can be recovered, but in most instances, that's not the case. The following is an article on the recovery of $8,100,000 by Ubiquiti Networks after an attack that stole $46,000,000:

In short, the costs associated with a cyber attack are high and charges can even continue for several years after the actual attack happens. The current estimate of each attack being around $3,000,000 per victim organization is a mere statistic. Individual companies suffer huge losses. These costs have been broken down and explained in detail throughout this chapter. However, the costs associated with cybersecurity are not solely tied to the negative aftermath of an attack. Cybersecurity products are an added, but necessary, expenditure for organizations. Analysts say that 75% of cyber attacks happen to people or organizations that don't have any cybersecurity products.