At least one security incident indicative of at least one security event that may impact or has impacted one or more assets associated with an organization is obtained. The at least one security incident is automatically ranked based on one or more of: (i) one or more rankings associated with one or more security incidents that precede the at least one security incident in time; and (ii) one or more values attributed to the one or more assets of the organization. The ranking of the at least one security incident is presented to an entity to make an assessment of the security event.