CPC G06F 21/56 (2013.01) [G06F 21/552 (2013.01); G06F 2221/034 (2013.01)]
18 Claims
1. A computer security monitoring method, including:
monitoring on an ongoing basis for evidence of the presence of infected systems in one or more third-party organizational networks that are each associated with a different third-party monitored organizational entity possessing digital assets, by externally observing network communication information about the third-party organizational networks,
providing an ontology that associates different subsets of the observed communication information to each of a plurality of third-party organizational entities possessing digital assets,
continuously updating machine-readable risk profiles for the third-party monitored organizational entities based on the information from the monitoring,
aggregating machine-readable risk scores for the third-party monitored organizational entities, wherein the aggregating the risk scores aggregates the risk scores for each of the third-party monitored organizational entities based on the associations in the ontology to derive an aggregated risk score,
electronically reporting the aggregated risk scores to an end user, wherein the electronically reporting the aggregated risk score to an end user reports a score that is based on evidence of the presence of infected systems and other risks, and wherein the electronically reporting the aggregated risk score provides a user interface and wherein the user interface is responsive to user actuation that allows the user to explore the ontological relationships that lead to the aggregated organizational entity risk score.