Roger Grimes
Data-Driven Defense Evangelist · KnowBe4
Position Evolution
3 tracked across this operator's appearancesSame operator, on the record, on the same topic, at different points in time. Each delta below is anchored to verbatim transcript spans verified against source — no paraphrases. This is the alumni-graph moat: SemiAnalysis cannot reproduce this query because they don't have the speaker-stable corpus.
KnowBe4 customer breach rate evidence
Consistentconfidence 95%Grimes repeats the 2.37% statistic verbatim across both appearances as his primary proof point for training efficacy. The figure is deployed identically in both interviews, signaling it is a rehearsed, load-bearing claim in KnowBe4's market positioning worth tracking for accuracy over time.
"our customers are only 2.37. Only 2.37% of our customers have ever been breached."
Source on theCUBE ↗"Only 2.37% of our customers have ever been compromised ever, in the history of them being our customers."
Source on theCUBE ↗Social engineering as dominant breach vector
Hardenedconfidence 88%Grimes consistently cites the 70-90% figure, but in the later appearance he sharpens the implication: failing to address social engineering renders all other defenses irrelevant. The framing moves from descriptive to prescriptive, raising the stakes for defenders who deprioritize human-risk programs.
"social engineering and phishing is involved in 70 to 90% of successful data breaches after it's bypassed every defense you've thrown in its way."
Source on theCUBE ↗"if you've got one cause, like social engineering, that's 70 to 90% of the problem and you're not trying to effectively mitigate it, the rest doesn't really matter."
Source on theCUBE ↗AI enabling more convincing spear phishing
Shiftedconfidence 78%In the earliest appearance Grimes flags AI-enabled threats only briefly as a future concern tied to an RSA presentation on MFA bypass. By the next day's interview he has developed a detailed, specific argument about AI removing the language-barrier tells that defenders relied on. The threat model has concretized from a teaser into a substantive position.
"I'll be presenting on the different ways to hack MFA, which I've been doing for years and years and years. But for sure I'm going to have some new ways, new ways that MFA could be bypassed."
Source on theCUBE ↗"the AI-enabled tools allow the attacker to not only craft better looking, more realistic social engineering scams... it allows them to respond very quickly again, in that victim's native language, saying something that's kind of realistic sounding."
Source on theCUBE ↗All theCUBE appearances (3)
Cyber Resiliency Summit | Roger Grimes, KnowBe4
GUEST · KnowBe4 · Data-Driven Defense Evangelist
Cyber Resiliency Summit Encore Presentation | Roger Grimes, KnowBe4
GUEST · KnowBe4 · Data-Driven Defense Evangelist
The ART of Security Summit: Strategic Risk Management for CISOs | Roger Grimes, KnowBe4
GUEST · KnowBe4 · Data-Driven Defense Evangelist