Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist.

A new website explains data breach risk

3 email security protocols that help prevent address spoofing: How to use them

DMARC, DKIM and SPF will help cut down on malicious emails from spoofed addresses. Setting them up is easier than you think.

How to stick it to LinkedIn romance scammers

LinkedIn is becoming a popular channel for criminals to find victims for romance scams. Here's how to identify, report and block those scammers.

5 ways compliance hurts security

The tasks of meeting regulatory requirements and providing true security that actually mitigates risk do not align. Here's how focusing exclusively on compliance can undermine security.

How to spot a scam: 14 red flags to watch for

Does your security awareness training program help your employees learn when someone is trying to scam them?

Does your cyber insurance cover social engineering? Read the fine print

Some cyber insurance policies will pay only a small fraction of damages if an attacker used social engineering. Here's how to estimate the risk.

What should your company’s change password policy be?

Microsoft's recent dropping of its maximum password age default renews the debate over forced password changes. Here's why you should continue to expire passwords.

Why unauthenticated SMS is a security risk

Multifactor authentication that uses SMS messaging as a second factor is vulnerable to simple hacks. User education is the best defense.

9 types of malware and how to recognize them

Think you know your malware? Here's a refresher to make sure you know what you're talking about — with basic advice for finding and removing malware when you've been hit.

Check your access control permissions before hackers do

Every organization has devices, networks or cloud services with improperly configured permissions that expose sensitive data or could allow hackers to gain privileged access. Check them now.

Assume breach is for losers: These steps will stop data breaches

Yes, you do need to be prepared should your organization be breached, but countering social engineering, patching, multi-factor authentication and a solid backup plan will keep them from happening.

6 ways to fight deploy and decay

Even your best security controls will weaken over time after deployment, much to hackers' delight. Take these steps to slow down or get ahead of that decay.
