CIS Controls Ambassador Spotlight: Chirag Arora

The CIS Critical Security Controls^® (CIS Controls^®) Community is fortunate to include many experienced cybersecurity leaders who volunteer their time and expertise to help improve cybersecurity best practices and make the connected world a safer place. Among these distinguished leaders is Chirag Arora, a visionary whose contributions have significantly advanced the field of cybersecurity.

Over the past decade, Arora has served as a Chief Information Security Officer in multiple organizations. Currently, he is a Cyber Security Executive Advisor and CISO at Dorf Nelson & Zauderer LLP in New York. He also chairs the GlobalCISO Leadership Foundation. Arora is widely acclaimed for his outstanding contributions to the cybersecurity domain, earning numerous awards and accolades for his leadership and expertise in fortifying cybersecurity programs for global enterprises.

Arora has also been an integral part of the CIS Controls Community, serving in various pivotal roles. As an Editorial Panel member since 2015, he has provided valuable input to different versions of CIS Controls. In 2019, he became a Technical Advisory Group Member, and he has contributed to the mission and vision of the Center for Internet Security^® (CIS^®) by participating in group meetings and providing his expert insights.

“As a CIS Controls Ambassador, I aim to further promote the CIS Controls to global institutions, advising governments on improving their cybersecurity posture and preparing for nation-state attacks,” said Arora.

In 2017, Arora came up with the idea of developing a tool to enable security leaders globally to assess, compare, and improve their cyber maturity, fostering collaboration. This vision led to the creation of the CIS Controls Self Assessment Tool (CIS CSAT), which he developed and donated to CIS.

In 2018, Arora’s efforts led to the development and donation of the Election Infrastructure Security Assessment Tool to CIS. This tool was made publicly available to all U.S. state and local election offices.

Arora's profound knowledge and research focus on cyber governance have positioned him as a trailblazer in the industry. His extensive experience includes conducting security gap assessments based on CIS Controls, NIST CSF 2.0, and ISO 27001 frameworks, further solidifying his reputation as a cybersecurity thought leader.

"As a security leader, I take immense pride in my association with CIS, focusing on the CIS Controls," said Arora. "CIS Controls offer a more simplified approach to solving cybersecurity challenges and achieving reasonable security standards. The prioritized approach using Implementation Groups creates clear, actionable milestones you can use to evolve your security maturity."

Currently, Arora chairs the GlobalCISO Leadership Foundation, where he has developed and contributed to a certification program to help his CISO peers. In 2022, he organized a global cybersecurity summit for legal aid groups, nonprofits, and pro bono firms.

Want to help contribute to CIS security best practices like the Controls?