Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Jul 19, 2024 1:52:49 PM By Roger Grimes

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

Chile Leads Latin America With New Cybersecurity Governance

Jul 18, 2024 11:30:06 AM By Roger Grimes

Chile took a major step toward a more resilient cyber landscape for its citizens and the Latin American region on Tuesday, March 26, 2024, when Chile’s president of the Republic, Gabriel ...

Ransomware Attacks on Healthcare Is Costing Lives

Jul 11, 2024 2:01:48 PM By Roger Grimes

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...

Simulated Phishing Tests Matter

Jun 26, 2024 1:51:18 PM By Roger Grimes

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Jun 7, 2024 8:16:24 AM By Roger Grimes

I have created a comprehensive webinar, based on my recent book, “Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing”. It contains everything that KnowBe4 ...

Social Engineering Scams Can Come in the Mail, Too

Jun 6, 2024 8:27:18 AM By Roger Grimes

Social engineering scams can come through any communications channel (e.g., email, web, social media, SMS, phone call, etc.). They can even come in the mail as the Nextdoor warning below ...

The Hard Evidence That Phishing Training and Testing Really Works Great

May 31, 2024 2:56:33 PM By Roger Grimes

Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove ...

KnowBe4 Free Tools Now Available On CISA’s Website

May 28, 2024 2:27:07 PM By Roger Grimes

We are big fans of the U.S. Cybersecurity Infrastructure Security Agency (CISA), whose informal slogan of “An organization so committed to security that it’s in our name twice” is a ...

Black Basta Ransomware Uses Phishing Flood to Compromise Orgs

May 16, 2024 12:54:01 PM By Roger Grimes

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack.

Google’s Multi-Party Approval Process Is Great, but Not Unphishable

May 10, 2024 1:49:20 PM By Roger Grimes

Like most observers, I celebrated Google’s recent announcement on April 9th about new multi-party approvals for a handful or so of common actions accomplished by super admins in Google ...

Is RogerLovesTaco$24 a Strong Password?

May 2, 2024 3:32:01 PM By Roger Grimes

Is "RogerLovesTaco$24" a strong password? No! Everyone has a ton of passwords. They should be strong and unique for every site and service you use. Everyone knows this.

The Art of Huh?

Apr 29, 2024 2:03:05 PM By Roger Grimes

One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it.

Next Week is World Password Day!

Apr 26, 2024 8:20:19 AM By Roger Grimes

May 2nd is World Password Day. Despite the computer industry telling us for decades that our passwords will soon be gone, we now have more than ever!

You Really Are Being Surveilled All the Time

Apr 15, 2024 3:56:30 PM By Roger Grimes

“If the product is free, you are the product!” No truer words have ever been spoken. But in today’s internet-connected, ad-everywhere world, even if you are paying for the product or ...

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

Apr 9, 2024 2:05:26 PM By Roger Grimes

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.

Social Engineering The #1 Root Cause Behind Most Cyber Crimes In FBI Report

Mar 21, 2024 11:37:14 AM By Roger Grimes

The following paragraphs were cited directly from my recent article highlighting social engineering. "Social engineering and phishing are involved in 70% to 90% of all successful ...

CISA Recommends Continuous Cybersecurity Training

Mar 21, 2024 8:37:04 AM By Roger Grimes

In an age when 70% - 90% of successful data breaches involve social engineering (which gets past all other defenses), sufficient training is needed to best reduce human-side cybersecurity ...

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Mar 15, 2024 10:32:57 AM By Roger Grimes

Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close.

How Much Will AI Help Cybercriminals?

Mar 12, 2024 9:27:29 AM By Roger Grimes

Do not forget, AI-enabled technologies, like KnowBe4’s Artificial Intelligence Defense Agents (AIDA), will make defenses increasingly better.

Three Essential Truths Every CISO Should Know To Guide Their Career

Mar 11, 2024 9:11:56 AM By Roger Grimes

According to my research, it became clear that if CISO's focused on these three items, it would take care of 99% of the vulnerabilities.

Security Awareness Training Blog

View Topics