As the chief information security officer (CISO) of a large corporation, you have been briefed about a significant security vulnerability in one of the company's core systems. This vulnerability could potentially lead to substantial data breaches if not promptly addressed. When presenting this issue to the board of directors, what piece of information would be MOST influential in their decision-making process?