Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist.

Wanted: Data breach risk ratings, because not all breaches are equal

Do you still need a firewall?

Traditional firewall software no longer provides meaningful security, but the latest generation now offers both client-side and network protection.

10 topics every security training program should cover

A thorough end-user education program is a necessary weapon in the battle to protect your perimeter. These 10 topics are the baseline of what to include in an awareness training program.

12 things every IT security professional should know

Fighting the good fight takes specialized knowledge. Here's the baseline of what all security pros should know.

Why you should consider crowdsourcing IT security services

Whether you need a pentesting team, a bug bounty program, or a vulnerability disclosure plan, several crowdsourcing platforms can take the risk and pain from the process.

4 scams that illustrate the one-way authentication problem

These scams rely on tricking consumers into believing they are interacting with a trusted vendor. Here’s how vendors can prevent the scams.

Why you need centralized logging and event log management

Collecting too much log data overwhelms systems and staff. Centralized event log management lets you filter for the most significant security data.

How to evaluate web authentication methods

Authentication evaluation white paper includes popular and obscure methods and outlines a framework for assessing their security effectiveness.

Are regulations keeping you from using good passwords?

Most companies are using password "best practices" that are out of date and ineffective. Regulations are getting in the way of changing them.

Who wants to go threat hunting?

Rob Lee talks about how he became one of the first threat hunters and how you can become one. It will take skills in IR, forensics, and security analytics.

10 types of hackers and how they'll harm you

Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.

Reputational risk and social media: When you're blocked or banned without notice

Businesses depend on sites like Facebook, Twitter, Dropbox, and Apple to interact with customers, promote their messages and store content. One complaint against you can shut you off from those services and damage your brand.
