Roger A. Grimes
Columnist
Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist.
10 types of hackers and how they'll harm you
Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.
Top cyber security certifications: Who they're for, what they cost, and which you need
Expand your skills, know-how and career horizons with these highly respected cyber security certifications.
Reputational risk and social media: When you're blocked or banned without notice
Businesses depend on sites like Facebook, Twitter, Dropbox, and Apple to interact with customers, promote their messages and store content. One complaint against you can shut you off from those services and damage your brand.
Microsoft Windows 10 vs. Apple macOS: 18 security features compared
Here's how the world's two most popular desktop OSes keep systems and data safe from malware, unauthorized access, hardware exploits and more.
What hackers do: their motivations and their malware
Whether a hacker uses a computer exploit or malware, their motivations are the same. Understanding why and how hackers hack is key to your defense.
6 myths CEOs believe about security
Want a more effective IT security strategy? Dispel your CEO and senior management of these common cybersecurity misconceptions.
The future of computer security is machine vs machine
Better security automation at the OS level and via cloud services will force hackers to respond in kind.
Avoiding security event information overload
Choose a security event information management (SEIM) vendor that helps you focus on only the security event data that needs to be investigated.
Is your defensive security data-driven?
Data-driven defense uses an organization's own data to identify and mitigate the most important threats. Sounds good, but adoption will be met with resistance.
Is your vendor being honest about AI?
Some vendors who claim their products use artificial intelligence or machine learning technology are really using rules-based engines. Here's how to spot the lie.
Why aren't we using SHA-3?
The Secure Hash Algorithm version 3 fixes flaws in the now-standard SHA-2 cipher. Here's how to prepare for a migration to SHA-3 when SHA-2 is inevitably compromised.
How to prove and fight online dating and romance scams
Friends and family of romance scam victims sometimes call on security pros to prove their online loves are not who they claim to be. Here's how to handle the case the right way.
What is personally identifiable information (PII)? How to protect it under GDPR
The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.
The two most important ways to defend against security threats
Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.
Using better data to fight credit card fraud
Galileo Processing uses artificial intelligence to more accurately identify fraudulent credit card transactions. It's an example of how AI can be a powerful security technology.
What is ethical hacking? Penetration testing basics and requirements
Ethical hacking, also known as penetration testing, is legally breaking into computers and devices to test an organization's defenses. Here’s what ethical hacking entails and tips for breaking into the role.
How bad are Meltdown and Spectre?
Some people aren't taking hardware vulnerabilities like Meltdown and Spectre seriously. Here's a point-by-point rebuttal to their arguments.
6 reasons you’re failing to focus on your biggest IT security threats
Most companies are not focused on the real security threats they face, leaving them ever more vulnerable. That can change if they trust their data rather than the hype.
Risk management is all about the data; security should be, too
Bay Dynamics takes a data-driven approach to helping companies identify and address the real security threats based on asset value.
