There are many things that a company can do to reduce the cost of a data breach, if it happens. Including these activities in your approach to cybersecurity can be affective ways to further reduce cybersecurity risk. Models for the cost of a data breach that are based upon historical industry data reveal a large "tail" distribution for the cost. For ten percent of companies that experience a large data breach, the costs can be quite high. Two important costs are investigation and notification. This presentation identifies actions that can be taken to lower the cost of investigation and notification.