On the social media regulation piece, I'm probably not the right person. I haven't really assessed that.
On the small and medium enterprise piece, part of it is that we have to raise the general resiliency bar. I think it's unreasonable to expect them to be able to launch a cyber-defence initiative like, for example, the one we run for the Government of Canada. That's unaffordable for every small and medium enterprise.
How do we raise the tide? How do we raise the general cybersecurity in the industry that they can then take advantage of? Second, how do we partner with the larger service providers, the people who provide this, for something that small and medium enterprises can consume? I think the third piece is going to be that the insurance industry has a remarkable ability to nudge small and medium enterprises, and I think that is coupled with the small and medium enterprise program that's been announced as part of the cybersecurity strategy.
I think those can all help, but at the end of the day, we have to place a value on it.