Chirag Arora Donates Prized IP to CIS

August 16, 2018
East Greenbush, NY

New CIS Controls CISO Risk Matrix Tool Will Help Organizations Compare Themselves with Other Organizations in the Same Sector

Chirag-Arora Chirag Arora, an established cybersecurity professional and CIS Controlssupporter, has donated the CIS Controls CISO Risk Matrix Tool to CIS® (Center for Internet Security, Inc.) for sharing with its world-wide community.

The CIS Controls Risk Matrix tool is a self-assessment tool that will help organizations track and prioritize their implementation of the CIS Controls. Users can also use the tool to compare their organization to other organizations in their same sector (e.g. financial), and cross reference how they are doing with other frameworks (e.g. NIST CSF), and get references to help them improve their own cybersecurity assessment.

“Chirag Arora proactively created the tool from the CIS Controls. He then volunteered to donate it to CIS for sustainment and sharing across our global community. CIS’ team piloted and validated the tool, and provided feedback for improvements for this initial release.  We are immensely grateful to Chirag for his pivotal role in creating and sharing this new assessment tool freely with the international cybersecurity community. It’s another great example of how talented and dedicated professionals come together around the CIS Benchmarks and CIS Controls, and generously create products and services for the common good,” said Tony Sager, CIS Senior Vice President and Chief Evangelist.

“I am honored to play a modest role in providing CISOs with a new risk matrix tool for their cyber defense toolbox. CIS is known for mobilizing a global community of IT experts, and I am honored to be partner in this initiative to make the internet safer,” said Chirag Arora.

About CIS

CIS® (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images™ are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC™), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices.  To learn more, visit or follow us on Twitter: @CISecurity.