Roger Grimes

Data-Driven Defense Evangelist

Roger A. Grimes is Data-Driven Defense Evangelist at KnowBe4. He is a 30-year computer security professional, author of 13 books and over 1,200 national magazine articles. He frequently consults with international organizations of all sizes and many of the world’s militaries. Grimes regularly presents at national computer security conferences, and is known for his often contrarian, fact-filled viewpoints.

Request This Speaker

On-Demand Webinars

See All KnowBe4 Webinars

See All

Books

Find all of Roger's books on Amazon

See All

5 Notable Obscure Phishing Scams

Dec 29, 2021 11:01:12 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

Having an Efficient Security Awareness Training Program

Dec 23, 2021 9:06:46 AM By Roger Grimes

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...

Answer 4 Simple Questions To Avoid a Social Engineering Attack

Dec 14, 2021 2:19:57 PM By Roger Grimes

I am usually not a man of a few words. I am the opposite. I write hundreds of pages a month and talk non-stop in person. But lately, I have been trying to be better at saying more with ...

How Not To Get Phished: It Is the Message Not the Medium

Nov 5, 2021 8:45:10 AM By Roger Grimes

Back in the early 1990s, when I was first getting into the IT field as a full-time network administrator, I was tasked with writing up our corporation’s new email policy. Email was just ...

Ransomware 3.0: It Is About To Get Much Worse

Oct 27, 2021 4:28:01 PM By Roger Grimes

If you think ransomware is bad, it is about to get much, much worse. What will ransomware gangs do? Just everything.

U.S. Government Says To Use Phishing-Resistant MFA

Oct 20, 2021 10:15:13 AM By Roger Grimes

The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is ...

5 Ways to Recognize Social Engineering

Sep 9, 2021 4:58:21 PM By Roger Grimes

Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...

Be Wary of Unrequested Disc Images

Sep 3, 2021 9:16:15 AM By Roger Grimes

Microsoft’s recent announcement that the new version of Microsoft Windows, Microsoft Windows 11, will be released soon is capturing headlines around the world. Microsoft will allow ...

When the URL Domain Is Not Enough To Avoid a Phish

Aug 31, 2021 2:44:06 PM By Roger Grimes

One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”

How to Defeat REvil Ransomware

Jul 9, 2021 11:04:06 AM By Roger Grimes

The REvil ransomware gang is in the news again! This time for a supply chain attack and the largest public extortion demand ever – $70 million dollars.

Turning Compliance Into Tangible Security

Jun 23, 2021 1:44:50 PM By Roger Grimes

Compliance and security are supposedly about risk management. Both seek to reduce the chances that threats and their risks will be able to successfully exploit a target. But they are ...

Understanding Ransomware’s True Costs

Jun 18, 2021 8:00:00 AM By Roger Grimes

We all know ransomware is pretty bad, but if you are a cybersecurity risk manager trying to justify the latest purchase to mitigate it, nailing down real numbers can be pretty hard. There ...

The Future Of Ransomware

Jun 8, 2021 1:27:07 PM By Roger Grimes

Ransomware is pretty bad right now. It is taking down nearly any company and industry it can, targeting healthcare, energy infrastructure, and food supplies with equal aplomb. It takes ...

Everyone Has It Wrong. It Is Not Double Extortion, It Is Quintuple Extortion!

Jun 3, 2021 2:12:53 PM By Roger Grimes

I keep seeing a new ransomware term, “double extortion” being discussed. It is the hot, new buzzword surrounding ransomware. This term attempts to summarize how ransomware is no longer ...

Cybersecurity Insurance Landscape Is Fundamentally Changing Right Now

May 26, 2021 8:36:48 AM By Roger Grimes

By Roger Grimes. Ransomware is stealing so much money and interrupting so many businesses that it might be the beginning of their undoing. It is certainly radically changing the ...

More Targeted Phishing Attacks Are Coming!

May 24, 2021 9:40:11 AM By Roger Grimes

I have been in the cybersecurity business for 34 years. I am not an innately brilliant, but one of the things I seem to do well is to spot trends as they happen early in their cycle. It ...

Paying the Ransom Is Not Just About Decryption

May 14, 2021 1:02:38 PM By Roger Grimes

I just read that a well-known pipeline company paid $5M to the ransomware hacker group. And despite that, they are still having to use their backups because the decryption process is too ...

Your Organization Needs to Take Security Awareness Training More Seriously

May 11, 2021 4:08:50 PM By Roger Grimes

Your organization needs to take security awareness training (SAT) more seriously. I mean truly serious, really serious, and not relegated to some quasi-, semi-serious status that the vast ...

Why Should We Care About Personal Smishing Attacks?

Apr 29, 2021 10:33:34 AM By Roger Grimes

I am not sure what is going on these days, but for several weeks, I have received far more SMS-based phishing (i.e., smishing) attacks than usual.

There Is No Herd Immunity in the Digital World

Mar 30, 2021 4:31:46 PM By Roger Grimes

When I was first starting off in my career, I wanted to be a doctor. As life often goes, I got waylaid. Wanting to be a doctor turned in an accounting major and CPA certification, quickly ...

Security Awareness Training Blog

View Topics