Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Roger Grimes

Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.
Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

Recent Posts

How Secure Is Your Authentication Method?

Sep 6, 2023 8:53:21 AM By Roger Grimes
I frequently write about authentication, including PKI, multi-factor authentication (MFA), password managers, FIDO, Open Authentication, and biometrics. I have written dozens of articles ...
Continue Reading

Social Engineering Is the Number One Cybersecurity Problem by Far

Aug 23, 2023 1:10:11 PM By Roger Grimes
The number one way that hackers and malware compromise people, devices, and networks is social engineering. No one argues that anymore, but it was not always known or discussed that way. ...
Continue Reading

[GUIDE] Scary SEO and Waterhole Attacks: What You Need to Know Now

Aug 11, 2023 8:22:22 AM By Roger Grimes
Most social engineering scams search out their potential victims, often sending emails to known email addresses, sending chat messages to them or calling known phone numbers. The ...
Continue Reading

How KnowBe4 Can Help You Fight Spear Phishing

Jul 27, 2023 8:00:00 AM By Roger Grimes
This blog was co-written by KnowBe4's Data-Driven Defense Evangelist Roger A. Grimes and Chief Learning Officer John Just. Social engineering is involved in 70% to 90% of successful ...
Continue Reading

Want To Stop All Scams? Here Is How!

Jun 23, 2023 2:25:52 PM By Roger Grimes
There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell ...
Continue Reading

Why Do You Still Need Security Awareness Training If You Use Phishing-Resistant MFA?

Jun 7, 2023 10:21:14 AM By Roger Grimes
For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible.
Continue Reading

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes
Fighting spear phishing attacks is the single best thing you can do to prevent breaches.
Continue Reading

Comprehensive Anti-Phishing Mitigations: A Quick Overview

May 8, 2023 9:59:46 AM By Roger Grimes
The evidence is clear – there is nothing most people and organizations can do to vastly lower cybersecurity risk than to mitigate social engineering attacks. Social engineering is ...
Continue Reading

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes
Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...
Continue Reading

Win The AI Wars To Enhance Security And Decrease Cyber Risk

Apr 12, 2023 8:20:54 AM By Roger Grimes
With all the overwrought hype with ChatGPT and AI…much of it earned…you could be forgiven for thinking that only the bad actors are going to be using these advanced technologies and the ...
Continue Reading

Top Takeaways You Could be Missing Out on my Upcoming Ransomware Master Class

Apr 11, 2023 8:20:01 AM By Roger Grimes
There is no doubt that ransomware is one of the top cybersecurity challenges of our lifetime. Survey after survey has revealed senior management and IT employees from the top on down, ...
Continue Reading

The Future of Cyber Attacks? Speed, More Speed

Mar 22, 2023 8:46:51 AM By Roger Grimes
I get asked all the time to “predict” the future of cybercrime. What will be the next big cyber attack? What will be the next paradigm platform shift that attackers will target? And so on.
Continue Reading

[Black Eye] The Lesson We Learned. Don't Let this Happen to You. #DMARC

Mar 18, 2023 1:15:43 PM By Roger Grimes
Mea Culpa. When you make a mistake, admit you made a mistake.
Continue Reading

Understanding DMARC Better

Mar 16, 2023 10:30:19 AM By Roger Grimes
I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they ...
Continue Reading

5 Reasons Why SecurityCoach Is Awesome

Mar 14, 2023 9:27:01 AM By Roger Grimes
I’ve been doing computer security for over 34 years and in that time, I haven’t seen a lot of game-changing products. What I have seen is a lot of new products that claimed to be ...
Continue Reading

GLBA and Other Regulations Wake Up to the Importance of Security Awareness Training With  June 9, 2023 Deadline

Feb 27, 2023 4:15:26 PM By Roger Grimes
Most computer security practitioners have understood for many years the importance of having an aggressive security awareness training program. As social engineering is involved in 70% to ...
Continue Reading

Should You Click on Unsubscribe?

Feb 21, 2023 4:36:29 PM By Roger Grimes
Some common questions we get are “Should I click on an unwanted email’s ’Unsubscribe’ link? Will that lead to more or less unwanted email?”
Continue Reading

Will AI and Deepfakes Weaken Biometric MFA

Feb 17, 2023 9:31:39 AM By Roger Grimes
You should use phishing-resistant multi-factor authentication (MFA) when you can to protect valuable data and systems. But most biometrics and MFA are not as strong as touted and much of ...
Continue Reading

How Does Quantum Impact Passwords?

Jan 25, 2023 4:03:39 PM By Roger Grimes
Yeah, quantum computers are likely to be able to crack passwords from every angle.
Continue Reading

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Jan 17, 2023 8:15:27 AM By Roger Grimes
Is your organization’s password complexity strong enough?
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month Free Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews