Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is the author of 15 books and over 1500 articles, specializing in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences and his presentations are fast-paced and filled with useful facts and recommendations.

Request This Speaker

Webinars

Videos and Vlogs

Roger's Cybersecurity WTF Rants

Podcasts

Books

Whitepapers

Articles

James Bond-Style Scamming Profits Explode

Dec 20, 2024 3:48:39 PM By Roger Grimes

There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence ...

No, KnowBe4 Is Not Being Exploited

Dec 18, 2024 11:57:49 AM By Roger Grimes

Some of our customers are reporting “Threat Alerts” from Mimecast stating hackers have exploited KnowBe4 or KnowBe4 domains to send email threats.

Be Careful of Malicious Ads

Dec 12, 2024 11:39:14 AM By Roger Grimes

For decades, we have all been warned to be appropriately skeptical of internet search engine results. Sadly, most people are not.

Why Controversial Phishing Emails Do Not Work

Dec 6, 2024 9:38:23 AM By Roger Grimes

Frequently, when a cybersecurity training manager sends out a controversial simulated phishing attack message that angers a bunch of employees and ends up making headlines, we get called ...

CISA Strongly Recommends Phishing-Resistant MFA

Nov 27, 2024 10:16:09 AM By Roger Grimes

We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA).

Beware of Fake Tech Support Scams

Nov 20, 2024 2:22:06 PM By Roger Grimes

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved ...

Purina’s Champions Program Is the Best I Have Seen

Nov 19, 2024 9:02:42 AM By Roger Grimes

In my most recent book, Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing, I highlight the use of “champions," which are co-workers in your organization ...

Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes

Nov 12, 2024 3:38:29 PM By Roger Grimes

Learn how to step-by-step create your first realistic deepfake video in a few minutes.

If Social Engineering Is 70% - 90% of Attacks, Why Aren’t We Acting Like It?

Nov 4, 2024 1:37:53 PM By Roger Grimes

Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...

Every Cybersecurity List Should Be a Risk-Ranked List

Nov 1, 2024 2:34:28 PM By Roger Grimes

Cybersecurity is all about risk management and reduction. You cannot get rid of all risk. Well, I guess you could, but you (and everyone else) would probably not want to work in a true ...

Don’t Put Real Answers Into Your Password Reset Questions

Oct 3, 2024 11:58:15 AM By Roger Grimes

This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset ...

Educate Your Users About Malicious SEO Poisoning Attacks

Sep 23, 2024 9:40:21 AM By Roger Grimes

Since the beginning of computers, social engineering has been the number one way that computers and networks have been compromised. Social engineering is involved in 70% to 90% of all ...

[Cybersecurity Awareness Month] Prepare for All Manner of Cyber Threats Like the Heroes of ‘The Inside Man’

Sep 17, 2024 8:00:00 AM By Roger Grimes

Mark Shepherd, the Inside Man, is on a mission.

[On-Demand Webinar] On How To Avoid Hiring Nation-State Fake Employees

Sep 10, 2024 8:00:00 AM By Roger Grimes

In July 2024, KnowBe4 revealed that we had unknowingly hired a North Korean who was pretending to be someone else. We locked down the laptop that was sent to the fake employee within 25 ...

More Carrots and Fewer Sticks

Aug 27, 2024 7:30:00 AM By Roger Grimes

This blog was co-written by Perry Carpenter and Roger A. Grimes. As I sit in the 2024 Seattle Convene conference this week and listen to speaker after speaker talk about their successful ...

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes

Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...

Roger’s Hacking Stories

Jul 29, 2024 8:17:49 AM By Roger Grimes

In this post, I'll share two fascinating hacking stories I've experienced: one involving a sophisticated scam that targeted a major U.S. Fortune 500 conglomerate, and another detailing ...

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Jul 19, 2024 1:52:49 PM By Roger Grimes

Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

Chile Leads Latin America With New Cybersecurity Governance

Jul 18, 2024 11:30:06 AM By Roger Grimes

Chile took a major step toward a more resilient cyber landscape for its citizens and the Latin American region on Tuesday, March 26, 2024, when Chile’s president of the Republic, Gabriel ...

Ransomware Attacks on Healthcare Is Costing Lives

Jul 11, 2024 2:01:48 PM By Roger Grimes

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...

Security Awareness Training Blog

View Topics