Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes

Fighting spear phishing attacks is the single best thing you can do to prevent breaches.

Comprehensive Anti-Phishing Mitigations: A Quick Overview

May 8, 2023 9:59:46 AM By Roger Grimes

The evidence is clear – there is nothing most people and organizations can do to vastly lower cybersecurity risk than to mitigate social engineering attacks. Social engineering is ...

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes

Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...

Win The AI Wars To Enhance Security And Decrease Cyber Risk

Apr 12, 2023 8:20:54 AM By Roger Grimes

With all the overwrought hype with ChatGPT and AI…much of it earned…you could be forgiven for thinking that only the bad actors are going to be using these advanced technologies and the ...

Top Takeaways You Could be Missing Out on my Upcoming Ransomware Master Class

Apr 11, 2023 8:20:01 AM By Roger Grimes

There is no doubt that ransomware is one of the top cybersecurity challenges of our lifetime. Survey after survey has revealed senior management and IT employees from the top on down, ...

The Future of Cyber Attacks? Speed, More Speed

Mar 22, 2023 8:46:51 AM By Roger Grimes

I get asked all the time to “predict” the future of cybercrime. What will be the next big cyber attack? What will be the next paradigm platform shift that attackers will target? And so on.

[Black Eye] The Lesson We Learned. Don't Let this Happen to You. #DMARC

Mar 18, 2023 1:15:43 PM By Roger Grimes

Mea Culpa. When you make a mistake, admit you made a mistake.

Understanding DMARC Better

Mar 16, 2023 10:30:19 AM By Roger Grimes

I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they ...

5 Reasons Why SecurityCoach Is Awesome

Mar 14, 2023 9:27:01 AM By Roger Grimes

I’ve been doing computer security for over 34 years and in that time, I haven’t seen a lot of game-changing products. What I have seen is a lot of new products that claimed to be ...

GLBA and Other Regulations Wake Up to the Importance of Security Awareness Training With June 9, 2023 Deadline

Feb 27, 2023 4:15:26 PM By Roger Grimes

Most computer security practitioners have understood for many years the importance of having an aggressive security awareness training program. As social engineering is involved in 70% to ...

Should You Click on Unsubscribe?

Feb 21, 2023 4:36:29 PM By Roger Grimes

Some common questions we get are “Should I click on an unwanted email’s ’Unsubscribe’ link? Will that lead to more or less unwanted email?”

Will AI and Deepfakes Weaken Biometric MFA

Feb 17, 2023 9:31:39 AM By Roger Grimes

You should use phishing-resistant multi-factor authentication (MFA) when you can to protect valuable data and systems. But most biometrics and MFA are not as strong as touted and much of ...

How Does Quantum Impact Passwords?

Jan 25, 2023 4:03:39 PM By Roger Grimes

Yeah, quantum computers are likely to be able to crack passwords from every angle.

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Jan 17, 2023 8:15:27 AM By Roger Grimes

Is your organization’s password complexity strong enough?

Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

Jan 10, 2023 4:43:49 PM By Roger Grimes

The recent hack (at least 7th) of the LastPass password manager has lots of people wondering if they should use a password manager.

[Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

Dec 28, 2022 2:27:36 PM By Roger Grimes

By Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy ...

Ivanti Report Shows Cybersecurity Practitioners Concentrating on Right Threats

Dec 21, 2022 9:25:23 AM By Roger Grimes

A recent Ivanti report shows cybersecurity practitioners getting more focused on the threat landscape, but defenders may need to hone their attention to focus on the right threats.

CISA Phishing Infographic Contains a Lot of Good Information

Dec 13, 2022 8:54:06 AM By Roger Grimes

On December 8th, the Cybersecurity & Infrastructure Security Agency (CISA) released a great phishing infographic about data collected, lessons learned and recommendations learned from ...

[Keep An Eye Out] Beware of New Holiday Gift Card Scams

Nov 30, 2022 10:04:25 AM By Roger Grimes

Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the ...

Here Is What You Can Do To Inspect SMS URL Links Before Clicking

Nov 9, 2022 4:39:12 PM By Roger Grimes

Phishing via Short Message Service (SMS) texts, what is known as smishing, is becoming increasingly common (some examples are shown below). There is probably not a person on Earth who ...

Security Awareness Training Blog

View Topics

Roger Grimes

On-Demand Webinars

Books

Recent Posts

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

Comprehensive Anti-Phishing Mitigations: A Quick Overview

The Two Best Things You Can Do To Protect Yourself and Organization

Win The AI Wars To Enhance Security And Decrease Cyber Risk

Top Takeaways You Could be Missing Out on my Upcoming Ransomware Master Class

The Future of Cyber Attacks? Speed, More Speed

[Black Eye] The Lesson We Learned. Don't Let this Happen to You. #DMARC

Understanding DMARC Better

5 Reasons Why SecurityCoach Is Awesome

GLBA and Other Regulations Wake Up to the Importance of Security Awareness Training With June 9, 2023 Deadline

Should You Click on Unsubscribe?

Will AI and Deepfakes Weaken Biometric MFA

How Does Quantum Impact Passwords?

Is Your Organization’s Password Complexity Requirement Strong Enough? Probably Not

Password Managers Can Be Hacked Lots of Ways and Yes, You Should Still Use Them

[Heads Up] Giant LastPass Breach Can Supercharge Spear Phishing Attacks

Ivanti Report Shows Cybersecurity Practitioners Concentrating on Right Threats

CISA Phishing Infographic Contains a Lot of Good Information

[Keep An Eye Out] Beware of New Holiday Gift Card Scams

Here Is What You Can Do To Inspect SMS URL Links Before Clicking

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search