Today I had a really interesting conversation with a guy from Japan via LinkedIn. It started with him trying to sell me some website design services, but when he realized their services weren't a good fit, he asked me a question. He said "I checked a few websites - what is this risk management thing? If we have this web design studio, how do we calculate our risks?"
Unless you've been hiding under a rock for the past three weeks, you're probably familiar with CVE-2019-0708, also known as the "Bluekeep" vulnerability. This Remote Code Execution vulnerability in Remote Desktop Services (formerly known as Terminal Services) is particularly nasty as it it is pre-authentication and requires no user interaction. This makes it the perfect vulnerability to integrate into a self-propagating worm that would quickly spread around the world, just like WannaCry did in 2017. It also make