Good. I'm glad I get to talk more about it. I don't think there are a lot of standards. When I look at the Treasury Board guidelines and MITS and its requirements, it's not very clear. It doesn't really define what you have to do to train users and to provide a lot of cyber guidance. It's a bit passive. We have our cyber-safe websites. We have places people can go to learn, but are we actively promoting enough information? We could have more campaigns. We could have more learning through games and monthly meetings and themes to raise an awareness. I'll take one example on spear phishing. Has that been well covered here?
