Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

Books

Find all of Roger's books on Amazon

Here Is What You Can Do To Inspect SMS URL Links Before Clicking

Nov 9, 2022 4:39:12 PM By Roger Grimes

Phishing via Short Message Service (SMS) texts, what is known as smishing, is becoming increasingly common (some examples are shown below). There is probably not a person on Earth who ...

PhishER Turns Golden Hour Into Golden Minute

Nov 8, 2022 10:00:35 AM By Roger Grimes

Hospital emergency rooms around the world are fine-tuned to meet the requirements of the “Golden Hour”. The Golden Hour is a well-accepted medical fact that critically injured or ill ...

Number Matching Push-Based MFA Is Only Half the Solution

Nov 4, 2022 10:14:34 AM By Roger Grimes

When push-based multifactor authentication (MFA) first came out, I was a big fan. I promoted it as a strong and safe MFA option in my book, Hacking Multifactor Authentication. That was ...

Passkeys Are Being Pushed in a Big Way

Oct 26, 2022 10:58:37 AM By Roger Grimes

There is a good chance that you and nearly everyone else will be using passkeys in the near future.

How To Stop Job Scams

Oct 17, 2022 4:01:57 PM By Roger Grimes

I am reading and hearing about a ton of job scams these days. So many, I wondered how anyone could get a real job or employee, especially in these days of often full-time, work-from-home ...

Could 100% of Phishing Be Eliminated One Day?

Oct 11, 2022 12:59:34 PM By Roger Grimes

Occasionally you will hear people or organizations claiming that they are on the verge of eliminating all social engineering from reaching end-users. Could it be true? Could it happen one ...

Do Not Use Easily Phishable MFA and That Is Most MFA!

Sep 21, 2022 9:25:43 AM By Roger Grimes

Everyone should use multifactor authentication (MFA), where they can, to protect valuable information. Everyone!

So, Your MFA is Phishable, What To Do Next

Aug 31, 2022 9:54:49 AM By Roger Grimes

We’ve written a lot about multi-factor authentication (MFA) not being the Holy Grail to prevent phishing attacks, including here:

Teach Two Things to Decrease Phishing Attack Success

Aug 24, 2022 8:25:03 AM By Roger Grimes

We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.

More Super Targeted Spear Phishing Ahead

Aug 16, 2022 3:42:05 PM By Roger Grimes

Hardly a day goes by without a news alert about the latest HUGE data breach. It’s so commonplace today that it rarely rates showing at the top of the news. In a newspaper, the ...

Beware of Sophisticated Malicious USB Keys

Jul 28, 2022 12:33:33 PM By Roger Grimes

Malicious USB keys have always been a problem. There is almost no professional penetration testing team that does not drop a handful of USB keys outside of any targeted organization and ...

[Eye Opener] Both Job Seekers and Employers Should Be Aware Of New Sophisticated Scams

Jul 21, 2022 1:39:43 PM By Roger Grimes

With record low unemployment, a tight labor market, and increasing customer demand, everyone says it is an employee’s job market out there. But it is getting tougher to get a real job and ...

Hovering Over Links Will Protect You More Than MFA

Jul 14, 2022 3:57:18 PM By Roger Grimes

Microsoft Security recently released a report which detailed a widely successful phishing attack technique used against over 10,000 of its customers…a phishing attack that worked even if ...

Celebrity Crypto Scams Just Keep on Getting Worse

Jun 30, 2022 2:43:50 PM By Roger Grimes

Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they ...

Innovative Way to Bypass MFA Using Microsoft WebView2 Is Familiar Nevertheless

Jun 29, 2022 9:15:45 AM By Roger Grimes

An interesting way to bypass multi-factor authentication (MFA) was recently announced by Bleeping Computer. This particular attack method requires a potential victim to be tricked into ...

What About Password Manager Risks?

Jun 9, 2022 10:13:18 AM By Roger Grimes

In KnowBe4’s new Password Policy ebook, What Your Password Policy Should Be, we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly ...

Why We Recommend Your Passwords Be Over 20-Characters Long

Jun 3, 2022 8:13:08 AM By Roger Grimes

KnowBe4 just released its official guidance and recommendations regarding password policy. It has been a project in the works for many months now, but we wanted to make sure we got it ...

Introducing KnowBe4’s Password Policy E-Book

Jun 3, 2022 8:11:54 AM By Roger Grimes

KnowBe4 just released its first e-book covering password attacks, defenses and what your password policy should be. Here is a summary of its recommendations:

We Do Not Talk Enough About Social Engineering and It’s Hurting Us

May 27, 2022 8:04:40 AM By Roger Grimes

One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...

Holding a Great Employee Education Meeting

May 2, 2022 4:45:24 PM By Roger Grimes

I recently attended a customer’s annual security awareness training employee event. I have attended a bunch of these over the years and I have loved them all. But this particular customer ...

Security Awareness Training Blog

View Topics