Automated prioritization of cyber risk to digital identities

What is claimed is: 1 . A computer-implemented method for mitigating cyber security risk of an enterprise network, the computer-implemented method being executed by one or more processors and comprising: obtaining graph data defining a knowledge graph including nodes and edges between the nodes, the nodes representing respective objects of the enterprise network including digital identities and resources, each node being associated with an explicit risk score and one or more properties of the represented object, each edge representing a relation between objects; determining priority scores for the objects of the enterprise network, including, for a first object represented by a first node: determining an implicit risk score for the first node by propagating explicit risk scores over edges of the knowledge graph; determining a total risk score for the first node from the explicit risk score of the first node and the implicit risk score of the first node; and determining a priority score for the first node based on the total risk score and one or more properties associated with the first node; generating a ranking of the objects of the enterprise network according to the respective priority scores; and providing, for presentation on a display of a computing device, cyber security risk data indicating the ranking of the objects of the enterprise network. 2 . The method of claim 1 , wherein the cyber security risk data includes a list of digital identities and the total risk scores for each of the digital identities. 3 . The method of claim 1 , wherein the cyber security risk data includes a list of resources and the total risk scores for each of the resources. 4 . The method of claim 1 , wherein the digital identities include human identities. 5 . The method of claim 1 , wherein the digital identities include non-human identities. 6 . The method of claim 1 , wherein the resources include applications and workstations. 7 . The method of claim 1 , wherein: the first node represents a digital identity; a second node represents a resource; and an edge between the first node and the second node represents the digital identity having access to the resource. 8 . The method of claim 1 , wherein: the first node represents a first digital identity; a second node represents a second digital identity; and an edge between the first node and the second node represents that the first digital identity reports to, manages, or works with the second digital identity. 9 . The method of claim 1 , wherein: the first node represents a first digital identity; a second node represents a group of digital identities; and an edge between the first node and the second node represents that the first digital identity is included in the group of digital identities. 10 . The method of claim 1 , wherein: the first node represents a group of digital identities; a second node represents a resource; and an edge between the first node and the second node represents the group of digital identities having access to the resource. 11 . The method of claim 1 , wherein the explicit risk score represents an expected level of risk for the associated object over a time duration. 12 . The method of claim 1 , comprising generating the knowledge graph from at least one of a group consisting of: organizational data representing an organizational structure of the enterprise; access data representing accesses of digital identities to resources; and event data representing cybersecurity events that have occurred within the enterprise network. 13 . The method of claim 12 , wherein the access data includes at least one of a group consisting of: login data representing accesses of digital identities to workstations; and entitlement data representing accesses of digital identities to applications. 14 . The method of claim 1 , wherein the one or more properties associated with the first node include an organizational importance factor for the object represented by the first node, the organizational importance factor being determined based on organizational data representing an organizational structure of the enterprise. 15 . The method of claim 1 , wherein the one or more properties associated with the first node include a compliance status of the object represented by the first node. 16 . The method of claim 1 , wherein the one or more properties associated with the first node include a number of nodes connected to the first node by an edge. 17 . The method of claim 1 , comprising: selecting one or more objects of the enterprise network based on the respective priority scores; and performing one or more actions to mitigate the cyber security risk associated with the selected one or more objects. 18 . The method of claim 1 , wherein the one or more properties associated with the first node include a historical average total risk score for the first node, the method comprising: determining a difference between the total risk score and the historical average total risk score for the first node; and determining the priority score for the first node based at least in part on the difference between the total risk score and the historical average total risk score. 19 . One or more non-transitory computer-readable storage media coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for mitigating cyber security risk of an enterprise network, the operations comprising: obtaining graph data defining a knowledge graph including nodes and edges between the nodes, the nodes representing respective objects of the enterprise network including digital identities and resources, each node being associated with an explicit risk score and one or more properties of the represented object, each edge representing a relation between objects; determining priority scores for the objects of the enterprise network, including, for a first object represented by a first node: determining an implicit risk score for the first node by propagating explicit risk scores over edges of the knowledge graph; determining a total risk score for the first node from the explicit risk score of the first node and the implicit risk score of the first node; and determining a priority score for the first node based on the total risk score and one or more properties associated with the first node; generating a ranking of the objects of the enterprise network according to the respective priority scores; and providing, for presentation on a display of a computing device, cyber security risk data indicating the ranking of the objects of the enterprise network. 20 . A system, comprising: one or more processors; and a computer-readable storage device coupled to the one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for mitigating cyber security risk of an enterprise network, the operations comprising: obtaining graph data defining a knowledge graph including nodes and edges between the nodes, the nodes representing respective objects of the enterprise network including digital identities and resources, each node being associated with an explicit risk score and one or more properties of the represented object, each edge representing a relation between objects; determining priority scores for the o