During a recent lunch meeting with an individual from one of Canada’s largest financial institutions, the subject of cyber attacks came up. He rather nonchalantly informed me that his company was the number one Canadian target for hackers. Intrigued, I asked if I could talk with his CIO about it. He politely declined; telling me it was corporate policy never to speak to the media about security for fear of increasing the company’s profile in the eyes of hackers.