Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored eight books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He currently runs eight honeypots to track hacker and malware behavior and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for Microsoft as a principal security architect.

Why aren't we using SHA-3?

How to prove and fight online dating and romance scams

Friends and family of romance scam victims sometimes call on security pros to prove their online loves are not who they claim to be. Here's how to handle the case the right way.

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

The two most important ways to defend against security threats

Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.

Using better data to fight credit card fraud

Galileo Processing uses artificial intelligence to more accurately identify fraudulent credit card transactions. It's an example of how AI can be a powerful security technology.

What is penetration testing? Ethical hacking basics and requirements

Penetration testing, or ethical hacking, is an in-demand skill for evaluating an organization’s defenses. Here’s what it entails and tips for breaking into the role.

How bad are Meltdown and Spectre?

Some people aren't taking hardware vulnerabilities like Meltdown and Spectre seriously. Here's a point-by-point rebuttal to their arguments.

6 reasons you’re failing to focus on your biggest IT security threats

Most companies are not focused on the real security threats they face, leaving them ever more vulnerable. That can change if they trust their data rather than the hype.

Risk management is all about the data; security should be, too

Bay Dynamics takes a data-driven approach to helping companies identify and address the real security threats based on asset value.

Are you crypto-agile?

A recent spate of successful attacks against our most popular and trusted cryptographic algorithms has me hoping that all companies understand the importance of crypto-agility.

17 steps to being completely anonymous online

The default state of internet privacy is a travesty. But if you're willing to work hard, you can experience the next best thing to absolute internet anonymity.

The truth about RFID credit card fraud

Despite demonstrations to show it's possible, documented cases of RFID credit card fraud are unknown. And as security professionals know, there is a huge gulf between potential crime and actual crime.
