Skip to main content
Currently on loravaughn.com → visit Vaughn Cyber Group
Lora Vaughn

// SPEAKER · CISO · WRITER · COMMUNITY

Lora
Vaughn.

Cybersecurity leader who's protected billions in assets. Now helping organizations get security right through speaking and fractional CISO work.

EX-NSA · 2X CISO · F500 EXPERIENCE · CISSP

Book me to speak → vaughncybergroup.com
SPEAKER 2X CISO EX-NSA CISSP LINKEDIN LEARNING

// 01 / SPEAKING

Book Lora for your next event

Engaging keynotes with actionable insights. No vendor pitches. No buzzwords.

"Best presenter all day."

ISC2 Security Congress 2025

"Best talk so far in clarity and content value."

ISC2 Security Congress 2024

"Amazing speaker, actionable content."

ISC2 Security Congress 2025
For Security Teams

Plan for Chaos: Why Most IR Plans Fail Big

Real stories from incident response failures: what actually breaks and how to build muscle memory before you need it.

For General Audiences

The Spy in Your Pocket: Mobile Security for Everyone

Your smartphone knows more about you than your closest friends. Here's what to do about it, no jargon required.

Request speaking info → download speaker kit

// 02 / FRACTIONAL CISO

Need a Fractional CISO?

Not ready for a full-time hire? I help startups, SMBs, and community banks build security programs that actually work, without the enterprise price tag or consultant-speak.

  • Fractional CISO services: Part-time security leadership
  • SOC 2 & compliance readiness: Audit prep without the panic
  • Incident response planning: Build the playbook before you need it
  • Post-incident stabilization: Just had a breach? Let's fix it.
→ explore consulting at vaughncybergroup.com

// 03 / RECENT WRITING

How I think about security

No buzzwords. No vendor pitches. Just real talk.

Featured image for Your no-code MVP can't legally hold the data it was built for

Your no-code MVP can't legally hold the data it was built for

No-code and AI app builders are great for prototypes, but they won't sign the agreement that lets you legally handle regulated data. Here's the line every founder needs to know before real data shows up.
Featured image for Your Ransomware Negotiator Might Be Playing Both Sides

Your Ransomware Negotiator Might Be Playing Both Sides

The DigitalMint conviction proves your IR vendor pre-vetting is part of your security program, not an afterthought. Here is what to ask before the next incident, not during it.
Featured image for We Used to Have Pockets. Then Someone Took Them

We Used to Have Pockets. Then Someone Took Them

A choir practice rant about why women's clothing has no real pockets, how that happened, and why a missing pocket was never really about the pocket.
→ view all posts

// 04 / TRACK RECORD

By the numbers

150M+
customers protected
$20B+
in assets secured
10%
of internet traffic defended
200+
global markets
20+
years experience

// Speaking

  • ISC2 Security Congress (2024, 2025)
  • WiCyS Conference
  • Southeast Cybersecurity Summit
  • Rapid7 UNITED

// Recognition

  • CISOs Connect A100, 2024 and 2025
  • LinkedIn Learning Instructor
  • CISSP Certified

// SPEAK

Book a Keynote

Bring real security insights to your next event.

→ request info

// HIRE

Hire Fractional CISO

Security leadership without the full-time commitment.

→ explore VCG

// CONNECT

Stay Connected

Security insights and career advice.

→ on linkedin