Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist.

5 signs you've been hit with an advanced persistent threat (APT)

Do you have valuable data on your network? Noticing odd network behavior? You could be the victim of an APT attack.

10 types of hackers and how they'll harm you

Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.

Top cyber security certifications: Who they're for, what they cost, and which you need

Expand your skills, know-how and career horizons with these highly respected cyber security certifications.

Reputational risk and social media: When you're blocked or banned without notice

Businesses depend on sites like Facebook, Twitter, Dropbox, and Apple to interact with customers, promote their messages and store content. One complaint against you can shut you off from those services and damage your brand.

Microsoft Windows 10 vs. Apple macOS: 18 security features compared

Here's how the world's two most popular desktop OSes keep systems and data safe from malware, unauthorized access, hardware exploits and more.

What hackers do: their motivations and their malware

Whether a hacker uses a computer exploit or malware, their motivations are the same. Understanding why and how hackers hack is key to your defense.

6 myths CEOs believe about security

Want a more effective IT security strategy? Disabuse your CEO and senior management of these common cybersecurity misconceptions.

The future of computer security is machine vs machine

Better security automation at the OS level and via cloud services will force hackers to respond in kind.

Avoiding security event information overload

Choose a security event information management (SEIM) vendor that helps you focus on only the security event data that needs to be investigated.

Is your defensive security data-driven?

Data-driven defense uses an organization's own data to identify and mitigate the most important threats. Sounds good, but adoption will be met with resistance.

Is your vendor being honest about AI?

Some vendors who claim their products use artificial intelligence or machine learning technology are really using rules-based engines. Here's how to spot the lie.

Why aren't we using SHA-3?

The Secure Hash Algorithm version 3 fixes flaws in the now-standard SHA-2 cipher. Here's how to prepare for a migration to SHA-3 when SHA-2 is inevitably compromised.

How to prove and fight online dating and romance scams

Friends and family of romance scam victims sometimes call on security pros to prove their online loves are not who they claim to be. Here's how to handle the case the right way.

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

The two most important ways to defend against security threats

Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.

Using better data to fight credit card fraud

Galileo Processing uses artificial intelligence to more accurately identify fraudulent credit card transactions. It's an example of how AI can be a powerful security technology.

What is ethical hacking? Penetration testing basics and requirements

Ethical hacking, also known as penetration testing, is legally breaking into computers and devices to test an organization's defenses. Here’s what ethical hacking entails and tips for breaking into the role.

How bad are Meltdown and Spectre?

Some people aren't taking hardware vulnerabilities like Meltdown and Spectre seriously. Here's a point-by-point rebuttal to their arguments.

6 reasons you’re failing to focus on your biggest IT security threats

Most companies are not focused on the real security threats they face, leaving them ever more vulnerable. That can change if they trust their data rather than the hype.

Risk management is all about the data; security should be, too

Bay Dynamics takes a data-driven approach to helping companies identify and address the real security threats based on asset value.
