Protecting high-risk individuals has always been a problem for the security industry. While many enterprises focus on mitigating scenarios that will affect the greatest number of their users, harm from attacks is not distributed proportionally. Cyber-attacks on high-risk individuals in dangerous situations can lead to torture, kidnapping, and worse. But dealing with targeted attacks is time-consuming and resource intensive. This problem is exacerbated when the target is an individual or small NGO rather than a large enterprise. This talk will discuss the challenges of protecting high-risk, targeted users using the experience of the speakers in assisting targeted NGOs and individuals.