Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

Has the quantum crypto break already happened?

5 steps to a successful red team engagement

You want red team pen testers to find the vulnerabilities attackers are most likely to use. Here's how.

Dial 211 for cyberattacks

US consumers and businesses in a few states can now dial 211 for help when victimized by cybercrime. What's needed is a nationwide rollout.

8 questions to answer before paying a ransomware demand

Consider these factors before deciding to pay a ransom after a ransomware attack. Better yet, know where you stand before one hits you.

10 risk factors no one talks about

These risk factors might not show up on an official risk assessment report, but every security professional should be thinking about them.

5 reasons users hate cybersecurity awareness training, and how to make them love it

If you want your security awareness training program to be effective, address these common user complaints.

8 ways your patch management policy is broken (and how to fix it)

These eight mistakes in patching practice get in the way of effective risk mitigation. Here's how to fix them.

Quantum supremacy might be here, upending conventional encryption

Last week Google posted and quickly took down a report announcing a stunning quantum computing milestone. Regardless of whether the report was premature, conventional encryption’s days are numbered.

What is OAuth? How the open authorization framework works

OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets. It is widely accepted, but be aware of its vulnerabilities.

10 signs you're being socially engineered

Scammers will try to trick you and your organization's users into giving up credentials or other sensitive data. Be skeptical if you see any of these signs.

The 5 CIS controls you should implement first

The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.

Why you need a cybersecurity incident response specialist

If your cyber insurance provider gives you the number of an incident response specialist, call them now. It will save time when an attack occurs.
