Author of “Hacking Multifactor Authentication” | Roger Grimes, Data Driven Defense Evangelist at KnowBe4

Roger Grimes‘  expertise in the field of computer security is unparalleled. He describes himself as the best in the world when it comes to computer security defense- and he has the credentials to back up this assertion.

He works with Kevin Mitnick who he calls the best Offensive Security guy in the world, but he calls himself the best when it comes to Defense.

As all of you know by now I love Offense and Defense Innovation so this interview falls squarely into the category of Defense Innovation for sure.

With more than 40 computer certifications and twelve books authored or (Co-authored) on computer security, Roger has spent over three decades imparting his knowledge to audiences worldwide.

His current title is Data-Driven Defense Evangelist at KnowBe4. He is the author of the new book, Hacking Multifactor Authentication.

Roger is a 33-year senior computer security architect and cybersecurity veteran specializing in general computer security, identity management, PKI, Windows computer security, host security, cloud security, honeypots, APT, and defending against hackers and malware. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft.

In this time of remote workforces and distributed endpoints, Roger advocates for Multi-Factor Authentication. However, MFA is not the end all be all for security. The vast majority of hacking doesn’t care about your MFA. It’s all about reducing your risk, according to Roger.

Throughout his many years in the industry, Roger a universal mission that drives all of his actions- to make the internet a safer place. Roger says if he leaves the Earth without accomplishing that feat, he has failed.

I also provide how you can connect with him on Linkedin. He has over 25k followers.

We’ve been sold by the industry that MFA is a Warm Blanky and Panacea for all security ills.

Learn more deeply about this topic as it is critical to your distributed security architectures moving forward

I’m excited to share this conversation with such a distinguished and world-renowned Security Defense Specialist.


Here are useful topics, books, and resources discussed and what you will learn as you listen:

  • Why most companies today fail in risk-based security and how to avoid the most common pitfalls.
  • The benefits of enabling application control software like AppLocker in audit only mode.
  • Why assuming just because you have MFA that you can’t be hacked is false and how smart application of MFA will reduce your risk of getting hacked.
  • Why push applications like FIDO are more effective than SMS-based multi-factor authentication.
  • The highest risk areas CIO’s and CISO’s need to avoid falling into when dealing with MFA.
  • Why MFA and other security measures like it are all about reducing your risk instead of eliminating it completely.

How to Connect with Roger Grimes:

Technologies Referenced in Podcast:

Books Published by Roger A. Grimes Referenced in Podcast:


You can go to the show notes to get more information about this interview and what we discussed in this episode. Click here to download the full transcript.

Love this episode? Leave a Review 

Share it on your LinkedIn feed.

If you haven’t already, please make sure you leave us a review on iTunes.

About Bill Murphy 

Bill Murphy is a world-renowned IT Security Expert dedicated to your success as an IT business leader. 

Connect With Us On Social Media

Connect with Bill on LinkedIn.

Join The CIO Innovation Mastermind Community

We invite the top 20% of Business IT Leaders for my CIO Innovation Mastermind Events group to participate in monthly discussions on things like VR, AI, and other disruptive & emerging technologies. If you want to become a member, email Chief of Staff, Jamie Luber for more information.

Subscribe To Bill Murphy’s RedZone Podcast