At least one security incident indicative of at least one security event that may impact or has impacted one or more assets associated with an organization is obtained. A remediation recommendation is automatically generated for the security incident based on one or more of: (i) one or more remediation processes associated with one or more security incidents that precede the at least one security incident in time; and (ii) one or more values attributed to the one or more assets of the organization.