Auditing, Assessing, Analyzing: A Prioritized Approach using the Pareto Principle

Published on January 22, 2018

In an ever-growing mix of hundreds of potential cybersecurity concerns and even more proposed solutions, CIS applies the Pareto Principle – the concept that for many activities, roughly 80% of the effects come from 20% of the causes – to help prioritize cybersecurity actions.

CIS-Contorls-Pareto-Principle

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.