Cybersecurity insider risk management

US2024121242A1 · US · A1

Patent metadata
Publication number: US-2024121242-A1
Application number: US-202217990667-A
Country: US
Kind code: A1
Filing date: Nov 19, 2022
Priority date: Oct 6, 2022
Publication date: Apr 11, 2024
Grant date:

Abstract

Official abstract text for this publication.

Some embodiments help manage cybersecurity insider risk. An authorized user influence pillar value is based on an influence signal representing the user's actual or potential influence in a computing environment. An authorized user access pillar value is based on an access signal representing the user's actual or potential access to resources. An impact risk value is calculated as a weighted combination of the pillar values. In response, an embodiment automatically adjusts a cybersecurity characteristic, such as a security risk score, security group membership, threat detection mechanism, or alert threshold. In some cases, impact risk is also based on a cumulative potential exfiltration anomaly access signal. In some cases, impact risk is based on one or more values which represent user public visibility, user social network influence, brand damage risk, resource mission criticality, access request response speed or success rate, or a known cybersecurity attack.

First claim

Opening claim text (preview).

What is claimed is:

1. A cybersecurity insider risk management method performed by a computing system with respect to an authorized user, the method comprising: automatically calculating an access pillar value based on at least one access signal, the access pillar value representing an access authorization of the authorized user which authorizes access to a computing system resource; automatically calculating an influence pillar value based on at least one influence signal, the influence pillar value representing an extent of influence of the authorized user; automatically computing an impact risk based on at least the pillar values; and automatically adjusting a cybersecurity characteristic based on at least the impact risk.

2. The method of claim 1, wherein the access signal represents at least one of the following: a count of computing system resources accessed by the authorized user; a count of computing system resources the authorized user is authorized to access; a count of computing system resources of a specified sensitivity which have been accessed by the authorized user; or a count of computing system resources of a specified sensitivity which the authorized user is authorized to access.

3. The method of claim 1, wherein the influence signal represents at least one of the following: a position of the authorized user within a hierarchy of an organization; a title or a role of the authorized user within an organization; a count of people who report to the authorized user within an organization; or an administrative role of the authorized user within a computing environment.

4. The method of claim 1, further characterized in at least one of the following ways: automatically calculating the access pillar value includes calculating a weighted combination in which at least two access signals have different respective weights; or automatically calculating the influence pillar value includes calculating a weighted combination in which at least two influence signals have different respective weights; automatically computing the impact risk includes computing a weighted combination in which the pillar values have different respective weights.

5. The method of claim 1, wherein the impact risk is also automatically computed based on an additional pillar value which represents at least one of the following: an access request response speed for requests by the authorized user to access computing system resources. a success rate of the authorized user in receiving access to computing system resources; a membership of the authorized user in a computing system security group; a cybersecurity attack on the authorized user; an exfiltration activity of the authorized user; a public visibility of the authorized user; a measure of influence of the authorized user on a social network; a risk of damage to a brand of an organization; or a mission criticality of a computing system resource that is accessible to the authorized user.

6. The method of claim 1, further comprising automatically displaying a human-readable explanation of a computational basis utilized while computing the impact risk.

7. The method of claim 1, wherein automatically adjusting a cybersecurity characteristic based on at least the impact risk comprises at least one of the following: automatically boosting a risk score in a cybersecurity tool which has alerting functionality; automatically disabling, automatically suspending, or automatically deleting an account in a computing environment; automatically altering membership of the authorized user in a computing system security group; automatically turning on a particular security threat detection mechanism; automatically turning off a particular security threat detection mechanism; automatically changing a particular security alert threshold; or training a machine learning model with training data, wherein at least one quarter of the training data includes influence signals, access signals, pillar values, or impact risks, as measured by data size or training data examples count or both.

8. The method of claim 1, wherein automatically computing the impact risk is also based on at least a cumulative potential exfiltration anomaly access signal which represents a detection of anomalous cumulative potential exfiltration of data by the authorized user.

9. The method of claim 8, further comprising detecting the anomalous cumulative potential exfiltration of data by the authorized user at least in part by comparing potential exfiltration activity of the authorized user to first activities of a first peer group of the authorized user and to second activities of a second peer group of the authorized user.

10. The method of claim 1, further comprising calculating a weighted combination based on at least a mean risk score for a signal or a pillar, and a distance from the mean risk score.

11. The method of claim 1, further comprising imposing role-based access control on requests to view impact risks.

12. The method of claim 1, further comprising marking the authorized user with a potential high impact user designation based on the impact risk exceeding a specified threshold, and persisting the designation after the impact risk is below the specified threshold.

13. An insider risk management computing system which is configured to manage insider risks to a managed computing system that contains resources, the insider risk management computing system comprising: a digital memory, at least a portion of the digital memory being external to the managed computing system; a processor in operable communication with the digital memory, the processor configured to perform insider risk management operations including automatically: computing an impact risk of an authorized user of the managed computing system, and adjusting a cybersecurity characteristic of the managed computing system based on at least the impact risk; wherein the authorized user of the managed computing system includes at least one of: a user device within the managed computing system, a user account within the managed computing system, a computational mechanism within the managed computing system, or a computational artifact within the managed computing system; wherein the impact risk includes a digital value which represents an impact of unauthorized activity of the authorized user or future unauthorized activity of the authorized user or both, the impact risk is computed based on at least an authorized user access pillar value and an authorized user influence pillar value, the authorized user influence pillar value represents an extent of influence of the authorized user within the managed computing system or within an organization which utilizes the managed computing system, or both, and the authorized user access pillar value represents an extent of authorized access to the managed computing system resources by the authorized user.

14. The insider risk management computing system of claim 13, in combination with the managed computing system.

15. The combined insider risk management computing system and managed computing system of claim 14, wherein the managed computing system contains a security control and a security group, the security control is applied differently to users who are members of the security group than to users who are not members of the security group, and the adjusting includes at least one of: altering user membership of the security group based on at least the impact risk, or modifying application of the security control to at least one
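A minimal sketch of the scoring flow in claims 1, 4, 6, 7 and 12, added here as an illustration; it is not code from the patent or its assignee. The signal names, weights, thresholds, the [0, 1] normalization of signals and the threshold-halving policy are all assumptions.

```python
from dataclasses import dataclass

# All weights and thresholds below are assumed sample values, not from the patent.
ACCESS_WEIGHTS = {"resources_authorized": 0.3, "sensitive_accessed": 0.7}
INFLUENCE_WEIGHTS = {"direct_reports": 0.4, "admin_role": 0.6}
PILLAR_WEIGHTS = {"access": 0.6, "influence": 0.4}
HIGH_IMPACT_THRESHOLD = 0.7
BASE_ALERT_THRESHOLD = 10  # anomalous events tolerated before an alert fires


def pillar(signals, weights):
    """Weighted combination of signals, each pre-normalized to [0, 1]."""
    for name in weights:
        if name not in signals:
            raise ValueError(f"missing signal: {name}")
        if not 0.0 <= signals[name] <= 1.0:
            raise ValueError(f"signal out of range: {name}")
    return sum(w * signals[n] for n, w in weights.items()) / sum(weights.values())


@dataclass
class UserRisk:
    user: str
    impact_risk: float = 0.0
    high_impact: bool = False
    alert_threshold: int = BASE_ALERT_THRESHOLD
    explanation: str = ""

    def update(self, access_signals, influence_signals):
        access = pillar(access_signals, ACCESS_WEIGHTS)
        influence = pillar(influence_signals, INFLUENCE_WEIGHTS)
        wa, wi = PILLAR_WEIGHTS["access"], PILLAR_WEIGHTS["influence"]
        self.impact_risk = wa * access + wi * influence
        # Claim 12: the designation is set on crossing the threshold and never
        # cleared here, so it persists after the score drops again.
        if self.impact_risk > HIGH_IMPACT_THRESHOLD:
            self.high_impact = True
        # Claim 7: change an alert threshold (halving is an assumed policy).
        self.alert_threshold = BASE_ALERT_THRESHOLD // (2 if self.high_impact else 1)
        # Claim 6: human-readable computational basis.
        self.explanation = (f"{self.user}: {wa}*access({access:.2f}) + "
                            f"{wi}*influence({influence:.2f}) = {self.impact_risk:.3f}")
        return self.impact_risk


if __name__ == "__main__":
    u = UserRisk("constructed-user")  # constructed sample input
    u.update({"resources_authorized": 0.9, "sensitive_accessed": 0.8},
             {"direct_reports": 0.5, "admin_role": 1.0})
    print(u.explanation, u.high_impact, u.alert_threshold)
```

Because the designation is sticky, a user who sheds access after being flagged keeps the tighter alert threshold until an analyst clears the flag out of band.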

Classifications

  • H04L63/102 (Primary)

    Entity profiles · CPC title

  • Traffic logging, e.g. anomaly detection · CPC title

  • Vulnerability analysis · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Microsoft Technology Licensing LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/102. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 11, 2024 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).