Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

Beware of Fake Tech Support Scams

Nov 20, 2024 2:22:06 PM By Roger Grimes

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved ...

Purina’s Champions Program Is the Best I Have Seen

Nov 19, 2024 9:02:42 AM By Roger Grimes

In my most recent book, Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing, I highlight the use of “champions," which are co-workers in your organization ...

Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes

Nov 12, 2024 3:38:29 PM By Roger Grimes

Learn how to step-by-step create your first realistic deepfake video in a few minutes.

If Social Engineering Is 70% - 90% of Attacks, Why Aren’t We Acting Like It?

Nov 4, 2024 1:37:53 PM By Roger Grimes

Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...

Every Cybersecurity List Should Be a Risk-Ranked List

Nov 1, 2024 2:34:28 PM By Roger Grimes

Cybersecurity is all about risk management and reduction. You cannot get rid of all risk. Well, I guess you could, but you (and everyone else) would probably not want to work in a true ...

Don’t Put Real Answers Into Your Password Reset Questions

Oct 3, 2024 11:58:15 AM By Roger Grimes

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset ...

Educate Your Users About Malicious SEO Poisoning Attacks

Sep 23, 2024 9:40:21 AM By Roger Grimes

Since the beginning of computers, social engineering has been the number one way that computers and networks have been compromised. Social engineering is involved in 70% to 90% of all ...

[Cybersecurity Awareness Month] Prepare for All Manner of Cyber Threats Like the Heroes of ‘The Inside Man’

Sep 17, 2024 8:00:00 AM By Roger Grimes

Mark Shepherd, the Inside Man, is on a mission.

[On-Demand Webinar] On How To Avoid Hiring Nation-State Fake Employees

Sep 10, 2024 8:00:00 AM By Roger Grimes

In July 2024, KnowBe4 revealed that we had unknowingly hired a North Korean who was pretending to be someone else. We locked down the laptop that was sent to the fake employee within 25 ...

More Carrots and Fewer Sticks

Aug 27, 2024 7:30:00 AM By Roger Grimes

This blog was co-written by Perry Carpenter and Roger A. Grimes. As I sit in the 2024 Seattle Convene conference this week and listen to speaker after speaker talk about their successful ...

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes

Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...

Roger’s Hacking Stories

Jul 29, 2024 8:17:49 AM By Roger Grimes

In this post, I'll share two fascinating hacking stories I've experienced: one involving a sophisticated scam that targeted a major U.S. Fortune 500 conglomerate, and another detailing ...

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Jul 19, 2024 1:52:49 PM By Roger Grimes

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

Chile Leads Latin America With New Cybersecurity Governance

Jul 18, 2024 11:30:06 AM By Roger Grimes

Chile took a major step toward a more resilient cyber landscape for its citizens and the Latin American region on Tuesday, March 26, 2024, when Chile’s president of the Republic, Gabriel ...

Ransomware Attacks on Healthcare Is Costing Lives

Jul 11, 2024 2:01:48 PM By Roger Grimes

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...

Simulated Phishing Tests Matter

Jun 26, 2024 1:51:18 PM By Roger Grimes

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Jun 7, 2024 8:16:24 AM By Roger Grimes

I have created a comprehensive webinar, based on my recent book, “Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing”. It contains everything that KnowBe4 ...

Social Engineering Scams Can Come in the Mail, Too

Jun 6, 2024 8:27:18 AM By Roger Grimes

Social engineering scams can come through any communications channel (e.g., email, web, social media, SMS, phone call, etc.). They can even come in the mail as the Nextdoor warning below ...

The Hard Evidence That Phishing Training and Testing Really Works Great

May 31, 2024 2:56:33 PM By Roger Grimes

Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove ...

KnowBe4 Free Tools Now Available On CISA’s Website

May 28, 2024 2:27:07 PM By Roger Grimes

We are big fans of the U.S. Cybersecurity Infrastructure Security Agency (CISA), whose informal slogan of “An organization so committed to security that it’s in our name twice” is a ...

Security Awareness Training Blog

View Topics