Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

See All

Books

Find all of Roger's books on Amazon

See All

Scammers Can Be Victims Too

Mar 20, 2025 10:27:52 AM By Roger Grimes

There are thousands of people worldwide trying to scam you, hoping they can make you a victim, steal your money, and harm you in some way. While some of it is done by individuals or small ...

Agentic AI: Why Cyber Defenders Finally Have the Upper Hand

Mar 18, 2025 10:27:16 AM By Roger Grimes

My two previous recent postings on AI covered “Agentic AI” and how that impacts cybersecurity and the eventual emergence of malicious agentic AI malware.

Make Your Real Emails Less Phishy

Mar 13, 2025 9:14:05 AM By Roger Grimes

I infrequently get emails from customers who are frustrated because their employer sent out some legitimate mass email to all employees that unfortunately had all the hallmarks of a ...

Autonomous Agentic AI-Enabled Deepfake Social Engineering Malware is Coming Your Way!

Mar 10, 2025 9:17:27 AM By Roger Grimes

I’ve been in the cybersecurity industry for over 36 years. Surprisingly, hackers and malware haven't changed all that much.

Software Will Become Agentic and the Security Lessons We Need To Learn

Mar 7, 2025 9:14:24 AM By Roger Grimes

Ever since OpenAI publicly released ChatGPT in late 2022, people have been predicting the end of programmers.

Primary Refresh Tokens Aren’t Your Parent’s Browser Token

Mar 4, 2025 9:40:59 AM By Roger Grimes

If you haven’t been paying attention closely enough, a new type of access control token, like a super browser token on steroids, is becoming hackers' theft target of choice.

[NEW] KnowBe4 Interviews a Fake North Korean Employee

Feb 24, 2025 8:43:19 AM By Roger Grimes

You would think with all the global press we have received because of our public announcement of how we mistakenly hired a North Korean fake employee in July 2024, followed by our ...

Effective Security Awareness Training Really Does Reduce Data Breaches

Jan 17, 2025 4:53:23 PM By Roger Grimes

Social engineering and phishing are involved in 70% - 90% of data breaches. No other root cause of malicious hacking (e.g., unpatched software and firmware, eavesdropping, cryptography ...

Brad Pitt Romance Scams Pushed By AI-Enabled Deepfakes

Jan 17, 2025 8:31:27 AM By Roger Grimes

I have helped people detect romance scams for decades. It is still very common for romance scammers to leverage both pictures of celebrities and pictures of innocent, everyday people as ...

"Get Beyond Security Awareness Training" Does Not Mean Forgetting About It

Dec 23, 2024 5:13:52 PM By Roger Grimes

KnowBe4 is a big believer in focusing on decreasing human risk as the best way to decrease cybersecurity risk in most environments.

James Bond-Style Scamming Profits Explode

Dec 20, 2024 3:48:39 PM By Roger Grimes

There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence ...

No, KnowBe4 Is Not Being Exploited

Dec 18, 2024 11:57:49 AM By Roger Grimes

Some of our customers are reporting “Threat Alerts” from Mimecast stating hackers have exploited KnowBe4 or KnowBe4 domains to send email threats.

Be Careful of Malicious Ads

Dec 12, 2024 11:39:14 AM By Roger Grimes

For decades, we have all been warned to be appropriately skeptical of internet search engine results. Sadly, most people are not.

Why Controversial Phishing Emails Do Not Work

Dec 6, 2024 9:38:23 AM By Roger Grimes

Frequently, when a cybersecurity training manager sends out a controversial simulated phishing attack message that angers a bunch of employees and ends up making headlines, we get called ...

CISA Strongly Recommends Phishing-Resistant MFA

Nov 27, 2024 10:16:09 AM By Roger Grimes

We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA).

Beware of Fake Tech Support Scams

Nov 20, 2024 2:22:06 PM By Roger Grimes

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved ...

Purina’s Champions Program Is the Best I Have Seen

Nov 19, 2024 9:02:42 AM By Roger Grimes

In my most recent book, Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing, I highlight the use of “champions," which are co-workers in your organization ...

Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes

Nov 12, 2024 3:38:29 PM By Roger Grimes

Learn how to step-by-step create your first realistic deepfake video in a few minutes.

If Social Engineering Is 70% - 90% of Attacks, Why Aren’t We Acting Like It?

Nov 4, 2024 1:37:53 PM By Roger Grimes

Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...

Every Cybersecurity List Should Be a Risk-Ranked List

Nov 1, 2024 2:34:28 PM By Roger Grimes

Cybersecurity is all about risk management and reduction. You cannot get rid of all risk. Well, I guess you could, but you (and everyone else) would probably not want to work in a true ...

Security Awareness Training Blog

View Topics