Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

Hovering Over Links Will Protect You More Than MFA

Jul 14, 2022 3:57:18 PM By Roger Grimes

Microsoft Security recently released a report which detailed a widely successful phishing attack technique used against over 10,000 of its customers…a phishing attack that worked even if ...

Celebrity Crypto Scams Just Keep on Getting Worse

Jun 30, 2022 2:43:50 PM By Roger Grimes

Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they ...

Innovative Way to Bypass MFA Using Microsoft WebView2 Is Familiar Nevertheless

Jun 29, 2022 9:15:45 AM By Roger Grimes

An interesting way to bypass multi-factor authentication (MFA) was recently announced by Bleeping Computer. This particular attack method requires a potential victim to be tricked into ...

What About Password Manager Risks?

Jun 9, 2022 10:13:18 AM By Roger Grimes

In KnowBe4’s new Password Policy ebook, What Your Password Policy Should Be, we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly ...

Why We Recommend Your Passwords Be Over 20-Characters Long

Jun 3, 2022 8:13:08 AM By Roger Grimes

KnowBe4 just released its official guidance and recommendations regarding password policy. It has been a project in the works for many months now, but we wanted to make sure we got it ...

Introducing KnowBe4’s Password Policy E-Book

Jun 3, 2022 8:11:54 AM By Roger Grimes

KnowBe4 just released its first e-book covering password attacks, defenses and what your password policy should be. Here is a summary of its recommendations:

We Do Not Talk Enough About Social Engineering and It’s Hurting Us

May 27, 2022 8:04:40 AM By Roger Grimes

One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...

Holding a Great Employee Education Meeting

May 2, 2022 4:45:24 PM By Roger Grimes

I recently attended a customer’s annual security awareness training employee event. I have attended a bunch of these over the years and I have loved them all. But this particular customer ...

How Hackers Steal Passwords & Protection Tips

Apr 26, 2022 9:54:16 AM By Roger Grimes

Despite the world’s best efforts to get everyone off passwords and onto something else (e.g., MFA, passwordless authentication, biometrics, zero trust, etc.) for decades, passwords have ...

Making Better Push-Based MFA

Mar 28, 2022 1:51:20 PM By Roger Grimes

I used to be a huge fan of Push-Based Multifactor Authentication (MFA), but real-world use has shown that most of today’s most popular implementations are not sufficiently protective ...

Traits of Most Scams

Feb 16, 2022 3:01:55 PM By Roger Grimes

There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friend’s accounts are compromised all the time and I get sent scam requests ...

The 4 Things You Should Be Doing Right Now To Best Improve Your Cybersecurity

Feb 3, 2022 3:28:15 PM By Roger Grimes

The key to really good cybersecurity is to concentrate on just 4 things. Master them first before you begin to try and do the other hundreds of things that everyone else is going to tell ...

Beware of QuickBooks Payment Scams

Jan 31, 2022 9:16:17 AM By Roger Grimes

Many small and mid-sized companies use Intuit’s very popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program ...

5 Notable Obscure Phishing Scams

Dec 29, 2021 11:01:12 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

Having an Efficient Security Awareness Training Program

Dec 23, 2021 9:06:46 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

Answer 4 Simple Questions To Avoid a Social Engineering Attack

Dec 14, 2021 2:19:57 PM By Roger Grimes

I am usually not a man of a few words. I am the opposite. I write hundreds of pages a month and talk non-stop in person. But lately, I have been trying to be better at saying more with ...

How Not To Get Phished: It Is the Message Not the Medium

Nov 5, 2021 8:45:10 AM By Roger Grimes

Back in the early 1990s, when I was first getting into the IT field as a full-time network administrator, I was tasked with writing up our corporation’s new email policy. Email was just ...

Ransomware 3.0: It Is About To Get Much Worse

Oct 27, 2021 4:28:01 PM By Roger Grimes

If you think ransomware is bad, it is about to get much, much worse. What will ransomware gangs do? Just everything.

U.S. Government Says To Use Phishing-Resistant MFA

Oct 20, 2021 10:15:13 AM By Roger Grimes

The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is ...

5 Ways to Recognize Social Engineering

Sep 9, 2021 4:58:21 PM By Roger Grimes

Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...

Security Awareness Training Blog

View Topics