Systems and methods for determining asset importance in security risk management

US11032244B2 · US · B2

Patent metadata
Publication number: US-11032244-B2
Application number: US-202017039675-A
Country: US
Kind code: B2
Filing date: Sep 30, 2020
Priority date: Sep 30, 2019
Publication date: Jun 8, 2021
Grant date: Jun 8, 2021

Abstract

Official abstract text for this publication.

Disclosed are computer-implemented methods for ranking importance of assets of an entity, in which the assets can include hosts and/or IP addresses associated with the entity. The exemplary methods can include receiving datasets from one or more sources indicating frequency of system access, system configuration, and/or application configuration. The methods can include determining one or more input data based on the datasets. The methods can include determining, for each host and/or IP address associated with the entity, an importance ranking based on the input data. In some examples, the importance ranking may be based on a weighting of two or more input data.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for ranking importance of assets of an entity, the assets comprising hosts associated with the entity, the method comprising: receiving at least one of: a first dataset comprising (i) a respective plurality of hostnames of a plurality of hosts and (ii) lookup counts for each hostname of the plurality of hostnames, the lookup counts obtained from a stream of a domain name system (DNS) queries; a second dataset comprising source code for a plurality of websites indicating, for each website, whether a host of the website is configured to collect data from users, the websites associated with the entity; or a third dataset comprising a plurality of authentication certificates associated with at least one of the plurality of hosts; determining input data based on the received at least one first dataset, second dataset, or third dataset such that: when the first dataset is received, determining a first input data comprising, for each host of the plurality of hosts, a ratio of (a) a number of lookup counts of the hostname of the host to (b) a maximum number of lookup counts of the plurality of hostnames for the entity; when the second dataset is received, determining a second input data indicating, for each host of the website, whether the source code indicates that the host is configured to collect data from users of the website; and when the third dataset is received, determining a third input data indicating, for the at least one host, whether the host has an authentication certificate; and determining, for each host associated with the entity, a host importance ranking based on the determined input data.

2. The method of claim 1, further comprising: receiving at least two of the first dataset, second dataset, or third dataset; and determining, for each host associated with the entity, the host importance ranking based on a weighting of the at least two of the first input data, the second input data, or the third input data.

3. The method of claim 2, further comprising receiving the first dataset, wherein determining, for each host associated with the entity, the host importance ranking further comprises: if the lookup count is zero, determining that the host importance ranking is lower than a host associated with (i) one or more lookup counts, (ii) source code indicating that the host is configured to collect data from users of the web site, or (iii) an authentication certificate.

4. The method of claim 2, further comprising: receiving the first dataset, second dataset, and third dataset; determining, for each host associated with the entity, the host importance ranking based on the weighting of the first input data, the second input data, and the third input data; and determining a maximum of: (i) the first input data; and (ii) a sum of: (a) the first input data multiplied by a first weight; (b) the second input data multiplied by a second weight; and (c) the third input data multiplied by a third weight.

5. The method of claim 4, further comprising: if the lookup count is at least one, setting the first weight to equal to the second weight and the third weight to equal to less than the first weight, such that the sum of the first weight, the second weight, and the third weight is equal to one; and if the lookup count is zero, setting a sum of the second weight and the third weight to equal less than the first weight.

6. The method of claim 1, further comprising: assigning a unique identifier to each host associated with the entity.

7. The method of claim 1, wherein the first dataset comprises lookup counts for each hostname over seven consecutive days.

8. The method of claim 1, wherein the source code comprises HTML data for the plurality of websites.

9. The method of claim 1, wherein, when the second dataset is received, determining the second input data further comprises: determining whether the source code indicates that the website includes a form for collecting data from the users of the website.

10. The method of claim 9, wherein, when the second dataset is received, determining the second input data further comprises: excluding those websites in which the form collects only search queries.

11. The method of claim 1, further comprising: presenting the host importance ranking in a user interface.

12. The method of claim 11, wherein, when the second dataset is received, determining the second input data further comprises: collecting a URL of the website, wherein presenting the host importance ranking in a user interface comprises: presenting the URL of the website with the corresponding host.

13. The method of claim 1, wherein the assets further comprise Internet Protocol (IP) addresses associated with the entity, the method further comprising: receiving at least one of: a fourth dataset comprising (i) a plurality of IP addresses and (ii) lookup counts for each IP address of the plurality of IP addresses; a fifth dataset comprising at least one service or application type associated with at least one IP address associated with the entity; a sixth dataset comprising fingerprints and/or cookies associated with another plurality of IP addresses associated with the entity; determining additional input data based on the received at least one fourth dataset, fifth dataset, or sixth dataset such that: when the fourth dataset is received, determining a fourth input data comprising a ratio of (a) a number of lookup counts of the IP addresses to (b) a maximum number of lookup counts of the IP addresses for the entity; when the fifth dataset is received, determining a fifth input data comprising a ranking of the at least one service or application type, the ranking determined by comparing each service or application type to a database of pre-ranked service or application types; when the sixth dataset is received, determining a sixth input data comprising a ratio of (a) a number of unique fingerprints and/or unique cookies of an IP address of the other plurality of IP addresses to (b) a maximum of numbers of unique fingerprints and/or unique cookies for the other plurality of IP addresses of the entity; and determining, for each IP address associated with the entity, an IP address importance ranking based on the determined additional input data.

14. The method of claim 13, further comprising: determining, for each IP address of the entity, the IP address importance ranking based on a weighting of the at least two of the fourth input data, the fifth input data, the sixth input data, or the host importance ranking.

15. The method of claim 13, wherein the fifth dataset comprises at least two service or application types for a particular IP address of the at least one IP address, and wherein, when the fifth dataset is received, determining the fifth input data comprises: determining the ranking of the at least two or application service types; and retaining a ranking of a highest ranked service or application type of the at least two service or application types.

16. The method of claim 13, wherein the fifth dataset comprises at least thirty days of data related to the at least one service or application type.

17. The method of claim 13, wherein, when the fifth dataset is received, determining the fifth input data comprises: ranking the at least one service or application type based on a function and/or a criticality of a corresponding service or application having the at least one service or application type.

18. The meth
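
The host scoring described in claims 1, 4 and 5, as an added Python sketch that is not code from the patent or its assignee. The weight values, the 0/1 encoding of the second and third inputs, the `Host` type and the `example.test` inventory are assumptions; the claims only constrain how the weights relate to each other.

```python
from dataclasses import dataclass

@dataclass
class Host:
    hostname: str
    lookups: int         # DNS lookup count for the hostname (first dataset)
    collects_data: bool  # site source has a user-data form (second dataset)
    has_cert: bool       # host has an authentication certificate (third dataset)

# Assumed weight values (w1, w2, w3); the claims give constraints, not numbers.
W_LOOKED_UP = (0.4, 0.4, 0.2)     # claim 5: w1 == w2, w3 < w1, sum == 1
W_NO_LOOKUPS = (0.5, 0.25, 0.15)  # claim 5: w2 + w3 < w1

def host_score(host, max_lookups):
    # Claim 1: first input is the hostname's lookups relative to the
    # entity's most looked-up hostname (guard against an all-zero entity).
    x1 = host.lookups / max_lookups if max_lookups else 0.0
    x2 = 1.0 if host.collects_data else 0.0
    x3 = 1.0 if host.has_cert else 0.0
    w1, w2, w3 = W_LOOKED_UP if host.lookups >= 1 else W_NO_LOOKUPS
    # Claim 4: maximum of the first input and the weighted sum, so a busy
    # host without a form or certificate is not dragged down by the weights.
    return max(x1, w1 * x1 + w2 * x2 + w3 * x3)

def rank_hosts(hosts):
    """Return (hostname, score) pairs, most important first."""
    max_lookups = max((h.lookups for h in hosts), default=0)
    scored = [(h.hostname, host_score(h, max_lookups)) for h in hosts]
    return sorted(scored, key=lambda item: item[1], reverse=True)

# Constructed sample inventory for one entity (not real data).
SAMPLE = [
    Host("login.example.test", 50, True, True),
    Host("legacy.example.test", 0, False, True),
    Host("www.example.test", 1000, True, True),
    Host("static.example.test", 800, False, False),
]

if __name__ == "__main__":
    for name, score in rank_hosts(SAMPLE):
        print(f"{score:.2f}  {name}")
```
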

Classifications

  • for local use, e.g. in LAN or USB networks, or in a controller area network [CAN]

  • Internet protocol [IP] addresses

  • using domain name system [DNS]

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

  • Filtering by address, protocol, port number or service, e.g. IP-address or URL

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11032244B2 cover?
Disclosed are computer-implemented methods for ranking importance of assets of an entity, in which the assets can include hosts and/or IP addresses associated with the entity. The exemplary methods can include receiving datasets from one or more sources indicating frequency of system access, system configuration, and/or application configuration. The methods can include determining one or more …
Who is the assignee on this patent?
Bitsight Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0823. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 8, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).