A method includes obtaining information regarding authentication events for users accessing assets of an enterprise system. The method also includes determining a likelihood of a given asset of the enterprise system becoming compromised responsive to compromise of a given user of the enterprise system. The method further includes determining an importance of the given asset based at least in part on a criticality value associated with the given asset, and generating a risk score for the given asset based at least in part on the determined likelihood of the given asset becoming compromised responsive to compromise of the given user and the determined importance of the given asset. The method further includes identifying remedial actions to reduce the risk score for the given asset and implementing, prior to detecting compromise of the given user, at least one of the remedial actions to modify a configuration of the given asset.