Get Instant Access
to This Blueprint

Small Enterprise Resources icon

Build an Information Security Strategy for Small Enterprises

Small enterprises need a security strategy just like any other sized enterprise.

  • The rate of technological change is accelerating. Organizations continue to invest in technology to run the business, layering more systems to support remote work, enhance customer experience, and generate value.
  • Meanwhile, security threats are growing. Disruptive cyberattacks are more prevalent, sophisticated, and impactful than ever, targeting organizations of all industries and sizes.
  • Security leaders need to adopt a proactive approach to secure the organization now and prioritize funding to high-risk areas.

Our Advice

Critical Insight

  • Technological change is increasing both the protect surface and the variety of tools available to secure it.
  • Security frameworks are helpful, but they don’t describe how to gather business requirements, identify organizational risks, or set an appropriate target state for the program, or which controls to select to conduct an accurate gap analysis for the security program.
  • Security leaders in smaller enterprises often have to accomplish more with fewer resources.

Impact and Result

Build a business-aligned, risk-aware, holistic security strategy:

  • Gather business requirements to prioritize improvements.
  • Assess risks, stakeholder expectations, and risk appetite to set meaningful targets.
  • Do a comprehensive gap analysis to identify improvements.
  • Build a flexible roadmap to set the program on the right footing.

Build an Information Security Strategy for Small Enterprises Research & Tools

1. Build an Information Security Strategy for Small Enterprises Storyboard – A step-by-step document that helps you build a holistic, risk-based, and business-aligned information security strategy.

Your security strategy should not follow frameworks blindly. Instead, it should align with your business context and build on a solid risk assessment and a comprehensive gap analysis. Use this storyboard to build or update a business-aligned, risk-aware, and holistic security strategy that prioritizes program initiatives for the next three years.

2. Information Security Requirements Gathering Tool – A tool to gather business requirements you can use to prioritize security initiatives.

Use this tool to identify the organizational goals and compliance obligations that shape your security strategy and define its scope. Your work will inform the prioritization of security initiatives following the gap analysis.

3. Information Security Pressure Analysis Tool – An evaluation tool to assess the risks and pressures that influence the target state of your security program.

Use this tool to assess the security risks your organization faces, evaluate stakeholder attitudes to information security, and estimate their risk appetite. Your work will help you determine the target state for your information security program ahead of the gap analysis.

4. Information Security Program Gap Analysis Tool – A tool to identify improvement initiatives that address your most significant control gaps.

Use this tool to conduct a comprehensive assessment of the current state of your program and identify improvement initiatives that address your most significant control gaps. Your work will draw on the business requirements and security pressures you identified in previous steps to build a three-year roadmap for your security program.

5. Information Security Strategy Communication Deck – A presentation template you can tailor to different audiences to communicate your security strategy.

Use this deck to present the results of the security strategy to stakeholders and show how the security program will improve over time. The communication deck draws on the outputs of the business requirements, security pressure, and gap analysis tools to build a presentation template you can customized for different audiences.


Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.4/10


Overall Impact

$6,789


Average $ Saved

14


Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Ames Tile & Stone

Guided Implementation

10/10

N/A

20

Ames Tile & Stone

Guided Implementation

9/10

$3,000

18

It is hard to estimate the savings in time and money. I probably under estimated. It has been a pleasure working with Michal. Michal was very pa... Read More

Synergi Partners

Guided Implementation

10/10

$1,559

1

Inter Continental Real Estate and Development Corporation

Guided Implementation

10/10

$12,599

20

I appreciate the at we did the diagnotics first, so we can figure out the best next steps instead of getting into detailed information. We need to... Read More

Calgary Public Library

Guided Implementation

8/10

$10,000

10

Citron Hygiene

Guided Implementation

9/10

$3,000

4

Best - opened my eyes to the complexity of IT security planning. Worst - I do not see any.

Wikwemikong Office

Guided Implementation

10/10

N/A

120

The Master's University

Guided Implementation

10/10

$100K

120

Clear directions and steps to evaluate and implement our Security Strategy

Tomra of North America, Inc

Guided Implementation

8/10

$12,733

10

We just at the beginning, but appreciate the thought behind the tools and approach, especially how they are targeted towards a small enterprise and... Read More


Workshop: Build an Information Security Strategy for Small Enterprises

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Assess Business Requirements

The Purpose

  • Assess business requirements.

Key Benefits Achieved

  • Security program alignment criteria

Activities

Outputs

1.1

Understand business and IT strategy and plans.

  • Goals cascade for the security program
1.2

Define business and compliance requirements.

  • Goals cascade for the security program
1.3

Establish the security program scope.

  • Security scope and boundaries statement
1.4

Analyze the organization’s risks and stakeholder pressures.

  • Risk assessment and pressure analysis
1.5

Assess organizational risk appetite.

  • Organizational risk appetite

Module 2: Perform a Gap Analysis

The Purpose

  • Perform a gap analysis.

Key Benefits Achieved

  • Program target state
  • Current-state assessment

Activities

Outputs

2.1

Define program target state.

  • Information security target state
2.2

Assess current security capabilities.

  • Security current-state assessment
2.3

Identify security gaps.

  • List of gaps to address
2.4

Build initiatives to bridge the gaps.

  • Initiatives to address gaps

Module 3: Complete the Gap Analysis

The Purpose

  • Complete the gap analysis.

Key Benefits Achieved

  • Security program improvement tasks and initiatives

Activities

Outputs

3.1

Continue assessing security capabilities.

  • Completed current-state assessment
3.2

Identify security gaps.

  • Completed current-state assessment
3.3

Build task list.

  • Task list to address gaps
3.4

Build initiative list.

  • Initiative list to address gaps

Module 4: Develop Roadmap

The Purpose

  • Develop roadmap.

Key Benefits Achieved

  • Security program roadmap
  • Communication resources

Activities

Outputs

4.1

Conduct cost-benefit analysis.

4.2

Prioritize initiatives.

4.3

Discuss resourcing and accountability.

4.4

Finalize security roadmap.

  • Information security roadmap
4.5

Create communication plan.

  • Draft communication deck

Build an Information Security Strategy for Small Enterprises

INFO-TECH RESEARCH GROUP

Build an Information Security Strategy for Small Enterprises

Small enterprises need a security strategy just like any other sized enterprise.

EXECUTIVE BRIEF

Analyst Perspective

Organization size does not matter when it comes to cybersecurity threats and threat actors. Small, medium, or large, you need an information security strategy!

When threat actors attempt to exploit a known vulnerability for common services and applications, they do not select targets based on the size of the organization. They scan IP addresses and systematically move along a range, hoping to stumble upon an open port or unaddressed vulnerability. They have one goal in mind, and that is to gain access to your environment. Once they are in, then they go to work to create whatever form of havoc falls into their method of operating. They don’t avoid small businesses. They don’t care. Information is worth money, and they want to make money.

So, if threat actors don’t care about the size of your organization, should you approach these threats against your organization any differently than a larger organization?

No, you should not!

The specific tools may differ, external resources may be needed to complement a smaller IT security team, but you still need an approach or strategy, just like the larger organizations.

A strategy that includes assessing and aligning with the business requirements, identifying where security gaps exist, prioritizing initiatives, and building a security strategy roadmap should be your goal.

Photo of P.J. Ryan, Research Director, Info-Tech Research Group.

P.J. Ryan
Research Director
Info-Tech Research Group

Executive Summary

Your Challenge

  • The rate of technological change is accelerating. Organizations continue to invest in technology to run the business, layering more systems to support remote work, enhance customer experience, and generate value.
  • Meanwhile, security threats are growing. Disruptive cyberattacks are more prevalent, sophisticated, and impactful than ever, targeting organizations of all industries and sizes.
  • Security leaders need to adopt a proactive approach to secure the organization now and prioritize funding to high-risk areas.

Common Obstacle

  • Technological change is increasing both the protect surface and the variety of tools available to secure it.
  • Security frameworks are helpful, but they don’t describe how to gather business requirements, identify organizational risks, or set an appropriate target state for the program, or which controls to select to conduct an accurate gap analysis for the security program.
  • Security leaders in smaller enterprises often have to accomplish more with fewer resources.

Info-Tech’s Approach

Build a business-aligned, risk-aware, holistic security strategy:

  • Gather business requirements to prioritize improvements.
  • Assess risks, stakeholder expectations, and risk appetite to set meaningful targets.
  • Conduct a comprehensive gap analysis to identify improvements.
  • Build a flexible roadmap to set the program on the right footing.

Info-Tech Insight

Small enterprises are just as much at risk from cybersecurity threats as larger enterprises. Threats and threat actors do not pass you by just because you are smaller. They view you and your enterprise as an opportunity just like any other enterprise.

Your challenge

The stakes for information security programs have never been greater.

  • The rate of technological change is accelerating. Organizations continue to invest in technology to run the business, layering more systems to support remote work, enhance customer experience, and generate value.
  • Meanwhile, security threats are growing. Disruptive cyberattacks are more prevalent, sophisticated, and impactful than ever, targeting organizations of all industries and sizes.
  • Information security incidents were ranked as the most important business risk worldwide for the second year in a row according to the Allianz Risk Barometer 2023.
  • According to Cybersecurity Ventures, the cost of cybercrimes worldwide will grow by 15% year over year for the next five years, reaching US$10.5 trillion annually by 2025, up from US$3 trillion in 2015.
  • Security leaders need to adopt a proactive approach to secure the organization now and prioritize funding to high-risk areas.

Your challenge

The average cost of security incidents is reaching an all-time high.

  • 83% — Percent of organizations that have had more than one breach in 2022.
  • US$4.45 million — Average cost of a data breach in 2023.
  • US$5.13 million — Average cost of a ransomware attack, not including the cost of the ransom.

(Source: IBM, 2022, 2023.)

Your challenge

Common attacks persist, which suggests that most are still not getting security fundamentals right.

  • 66% — Organizations hit by ransomware in 2021 and 2022. (Sophos, 2022, 2023.)
  • 35% — Organizations who conducted phishing simulations in 2022. (Ponemon, 2023.)
  • 84% — Organizations who experienced phishing attacks with direct financial loss in 2022. (Ponemon, 2023.)

Small enterprises are considered easy targets

Misconception

Small enterprises are less targeted in cyberattacks due to smaller or less valuable assets.

54% of small businesses think they’re too small for a cyberattack. (Source: Cisco Umbrella, 2021.)

Unfortunately, this misconception is often held by nontechnical leaders who set the strategic priorities for the organization, including IT.

Reality

Small enterprises are often the primary target, as they are perceived as lacking the capabilities and resources needed to prevent attacks, and successful attacks generally garner less attention and recourse from the appropriate authorities.

61% of small and midsize businesses were the target of a cyberattack in 2021. (Source: TitanHQ, 2023.)

43% of all cyberattacks target small businesses. (Source: Cisco Umbrella, 2021.)

To properly build an information security strategy, you need to involve and educate certain stakeholders to discuss the reality of the threats, their direct and specific impact on the business, and what the organization needs to protect itself from inevitable attack.

Cyberattacks and breaches hit small enterprises harder

Organizations need to expect and prepare for the inevitable security breach.

  • 94.6% of breaches have a financial motive. (Source: Verizon, 2023.)
  • 145% increase in malicious emails aimed at small businesses’ inboxes in 2022. (Source: Infosecurity Magazine, 2023.)
  • 75% of small businesses could not continue operating if they were hit with ransomware. (Source: StrongDM, 2023.)

The full extent of damage from an attack can extend past the loss of data and finances. Reputational damage as a vulnerable entity can cost small enterprise organizations critical relationships that they depend on to survive.

Financial consequences of security incidents for small enterprises:

  • $2.8 billion in damages from over 700,000 attacks against small businesses in 2020.
  • 51% of small businesses that fall victim to ransomware pay the money.
  • 95% of cybersecurity incidents at small businesses cost between $826 and $653,587. (Source: StrongDM, 2023.)

How well can your business handle a $653,587 hit right now?

Common obstacles

Reactive security strategies can’t keep up.

A circle with four quarters titled 'Reactive Security', the quarters clockwise from the top are 'Business as Usual', 'Identify Threat', 'Purchase Technology', and 'Mitigate Threat'. Individual strategies surround the circle alternating being directly in the center of a quarter and being between them; clockwise from top they are 'Trying to do everything with less staff and smaller budgets.', 'More aggressive threat landscape.', 'Security frameworks don’t describe how to assess risks.', 'Dramatic increase in variety of security tools.', 'Security needs are outpacing limited budgets.', 'Difficult to secure more funding without a plan that ties initiatives to business requirements.', 'Dramatic increase in protect surface.', and 'No defensible target state to make the case for program improvements.'.

Limited Resources:
All is not lost.

You may not have a team of 20 to focus on your cybersecurity program, but that doesn’t mean you can’t still have a first-class security program.

Several options exist that could assist you with any resource challenges related to your security strategy implementation.

Third-party security service providers

  • Varying in size and type of offerings, these can be a great source of support or staff augmentation.

Info-Tech’s Cybersecurity Workforce Development Program

  • Train your internal team to close your cybersecurity skill gaps and build cyber resiliency.

Info-Tech’s Technical Counselor membership

  • Personalized and confidential one-on-one support from a seasoned IT executive to enhance your technical expertise, achieve your goals, and prepare for the next chapter of your career.

Excuses will not protect your organization, and clearly the threat is not going away.

“Cybercriminals will continue to evolve new TTPs, including targeting more small- and medium-sized organizations, in order to avoid attention-grabbing higher profile attacks.” (Canadian Centre for Cyber Security, 2023)

Third-party security service providers

Short-term or long-term, one initiative or a full project: Help is out there.

Many consulting organizations employ staff with security backgrounds.

These organizations offer many options. Some can provide strategy or roadmap guidance while others may provide some “security as a service” options such as:

  • Event log monitoring.
  • Resolving alerts triggered by antivirus or anti-malware systems.
  • Security tool implementation.
  • Security assessments.
  • Security related purchase assistance/guidance.

“If you have one person responsible for watching the logs and events, what happens during the after-hours or when that person goes on vacation? With an outsourced monitoring service, you get access to a team of experts watching your logs and alerts, and taking action, 24 hours a day, 365 days a year.” (Kevin Critch, Regional Sales Director, Ignite Technology)

Info-Tech’s cybersecurity workforce development

Upskill your IT team by going beyond certifying knowledge to assuring competence.

Close competency gaps with Info-Tech’s Cybersecurity Workforce Development Training.

Resources to close competency gaps:

Info-Tech’s cybersecurity workforce training develops critical cybersecurity skills missing within your team and organization. The leadership track provides the same deep coverage of technical knowledge as the analyst track but adds hands-on support and has a focus on strategic business alignment, program management, and governance.

The program builds critical skills through:

  • Standardized curriculum with flexible projects tailored to business needs.
  • Realistic cyber-range scenarios.
  • Ready-to-deploy security deliverables.
  • Real assurance of skill development.

Sample of the 'Cybersecurity Workforce Development Training' research.

Learn more on the Cybersecurity Workforce Development webpage

TECHNICAL COUNSELOR MEMBERSHIP

The Technical Counselor is designed to help IT leaders deliver value, achieve goals, and improve and grow the contributions of IT with a focus on technical excellence. It also includes all People & Leadership content required to manage a team and develop as a leader.

Service Delivery

Dedicated Technical Counselor

Members receive personalized and confidential one-on-one support from a seasoned IT executive to enhance their technical expertise, achieve their goals, and prepare for the next chapter of their career.

Also Includes:
  • 2 Onsite/Virtual Counselor Visits
  • Custom Key Initiative Plan
  • Designated Account Manager

Technical Domains:
  • Applications
  • Infrastructure & Operations
  • Security
  • Data & Analytics
  • Enterprise Architecture
  • Privacy
  • PMO
  • Vendor Management
  • Service Management

Research Content

Project Blueprints

Over 450 step-by-step project methodologies to help members execute technology projects and improve core IT processes.

Tools & Templates Library

Over 1,000 ready-to-deploy tools and templates to save members time creating critical IT documents and project deliverables.

Software Selection Content

SoftwareReviews vendor evaluations and rankings reports that aggregate feedback from real IT professionals and business leaders.

People & Leadership Research

Strategies on how to lead teams effectively and resources proven to help you become a better manager.

Also Includes:
  • IT Process Research

Sample Template
Sample Template

Sample Data Quadrant Report
Sample Data Quadrant Report

Advisory Services

Unlimited Analyst Calls

Unlimited phone access to our team of subject matter experts to guide you through your most challenging technology projects. An analyst from the team who wrote the research works with the member at key project milestones to advise, coach, and offer insight.

Industry Research & Advisory

In-depth, industry-specific research content and advisory service that includes benchmarking reports, trends analysis, technology evaluations, and reference architectures. This feature can be added to the membership as a substitution for onsite visits.

IT Vendor Price Benchmarking & Negotiation Assistance

Access to our IT pricing experts and exclusive negotiation intelligence to achieve best-in-circumstance deals on $1 million plus contract value covering 40 plus major IT vendors. IT Vendor Negotiation Assistance for up to three contracts included with membership.

Also Includes:
  • Concierge Services
  • Software Selection as a Service
  • Contract Review Service
  • Info-Tech LIVE Ticket

Digital Experiences

IT Diagnostic Programs

Over 20 prebuilt survey programs to ask business and IT stakeholders insightful questions and convert their responses into reports that help IT departments make critical decisions.

Also Includes:
  • Info-Tech Academy Training Platform
  • IT Metrics Dashboard
  • Leadership Development Program
  • 360-Degree Feedback Tool

Sample Diagnostic Report
Sample Diagnostic Report

Sample Video Content
Sample Video Content

Info-Tech’s approach

Build a proactive security strategy.

A circle with four quarters titled 'Proactive Security', the quarters clockwise from the top are 'Assess Business Requirements', 'Conduct Gap Analysis', 'Prioritize Initiatives & Build Roadmap', and 'Execute & Maintain Strategy'. Individual strategies surround the circle alternating being directly in the center of a quarter and being between them; clockwise from top they are 'Start with an understanding of business goals.', 'Analyze the threat landscape.', 'Assess organizational and industry risks.', 'Identify a defensible target state based on the threat landscape and your risk assessment.', 'Conduct a gap analysis based on a best-of-breed security framework.', 'Analyze controls across security domains that span people, processes, and technologies.', 'Prioritize security initiatives based on cost, effort, risk mitigation, and business alignment.', and 'Communicate the security strategy effectively and update in response to threats.'.

Use a best-of breed model based on leading frameworks

A cluster of frameworks headed by 'Best Practice Security Capabilities' with an arrow pointing to a capability map.

The image contains a screenshot of Info-Tech's Build and Information Security Strategy thought model.

Info-Tech’s methodology for building an information security strategy for small enterprise

1. Assess Business Requirements

2. Conduct a Gap Analysis

3. Build a Roadmap of Prioritized Initiatives

4. Execute & Maintain a Strategy

Phase Steps

1.1 Define goals & scope

1.2 Assess risks

1.3 Determine pressures

1.4 Determine risk appetite

1.5 Establish target state

2.1 Review security framework

2.2 Assess your current state

2.3 Identify gap closure actions

3.1 Define tasks & initiatives

3.2 Perform cost-benefit analysis

3.3 Prioritize initiatives

3.4 Build roadmap

4.1 Build communication deck

4.2 Execute on your roadmap

Phase Outcomes

  • Goals cascade, scope, and boundaries for the security program
  • Defined risk appetite level, risk assessment, and pressure analysis
  • Information security target state
  • Security current state assessment
  • Gap closure initiatives
  • Information security roadmap
  • Security strategy communication plan

Tools

Information Security Requirements Gathering Tool; Information Security Pressure Analysis Tool Information Security Program Gap Analysis Tool Information Security Program Gap Analysis Tool Information Security Strategy Communication Deck

Insight summary

Small enterprises are just as much at risk from cybersecurity threats as larger enterprises.

Threats and threat actors do not pass you by just because you are smaller. They view you and your enterprise as an opportunity just like any other enterprise.

Your security strategy is a business strategy first.

A well-defined information security strategy is holistic, risk aware, and business-aligned.

Assess business requirements

Protecting the organization means taking on enough risk to enable the organization to meet its objectives.

Seek agreement on the program target state

Higher target states require more investment. Ensure stakeholders agree on the maturity of the program you need from the start to ensure continued support.

Prioritize initiatives and roadmap

Express the benefit of security initiatives in terms of their impact on what matters – the key strategic goals that drive decision making at your organization.

Execute and maintain strategy

Reinforce the concept that a security strategy is an effort to enable the organization to achieve its core mission within its risk appetite.

Blueprint deliverables

Key deliverable:

Information Security Strategy Communication Deck

Present your findings in a prepopulated document that can summarizes all key findings of the blueprint.

Sample of the Information Security Strategy Communication Deck.

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Information Security Requirements Gathering Tool

Define the business, customer, and compliance alignment for your security program.

Information Security Program Gap Analysis Tool

Use our best-of-breed security framework to perform a gap analysis between your current and target states.

Information Security Pressure Analysis Tool

Determine your organization’s security pressures and ability to tolerate risk.

Small enterprises need a security strategy just like any other sized enterprise.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

MEMBER RATING

9.4/10
Overall Impact

$6,789
Average $ Saved

14
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Speak With An Analyst

Get the help you need in this 4-phase advisory process. You'll receive 9 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Assess business requirements
  • Call 1: Introduce project and complete business requirements gathering.
  • Call 2: Introduce pressure analysis.

Guided Implementation 2: Conduct a gap analysis
  • Call 1: Introduce the maturity assessment.
  • Call 2: Perform gap analysis and translate into initiatives.

Guided Implementation 3: Prioritize initiatives and roadmap
  • Call 1: Consolidate related gap initiatives and define cost, effort, alignment, and security benefits.
  • Call 2: Review cost/benefit analysis and build an effort map.
  • Call 3: Build implementation waves and introduce Gantt chart.

Guided Implementation 4: Execute and maintain the strategy
  • Call 1: Review Gantt chart and ensure budget/buy-in support.
  • Call 2: Three-month check-in: Execute and maintain the strategy.

Authors

Michel Hebert

P.J. Ryan

Contributors

  • Peter Clay, Zeneth Tech Partners, Principal
  • Ken Towne, Zeneth Tech Partners, Security Architect
  • Luciano Siqueria, Road Track, IT Security Manager
  • David Rahbany, The Hain Celestial Group, Director IT Infrastructure
  • Rick Vadgama, Cimpress, Head of Information Privacy and Security
  • Doug Salah, Wabtec Corp, Manager of Information Security and IT Audit
  • Peter Odegard, Children’s Hospitals and Clinics, Information Security Officer
  • Trevor Butler, City of Lethbridge, Information Technology General Manager
  • Shane Callahan, Tractor Supply, Director of Information Security
  • Jeff Zalusky, Chrysalis, President/CEO
  • Candy Alexander, Independent Consultant, Cybersecurity and Information Security Executive
  • Dan Humbert, YMCA of Central Florida, Director of Information Technology
  • Ron Kirkland, Crawford & Co, Manager ICT Security & Customer Service
  • Jason Bevis – FireEye, Senior Director Orchestration Product Management - Office of the CTO
  • Joan Middleton, Village of Mount Prospect, IT Director
  • Jim Burns, Great America Financial Services, Vice President Information Technology
  • Ryan Breed, Hudson’s Bay, Information Security Analyst
  • James Fielder, Farm Credit Services – Central Illinois, Vice President of Information Systems
  • Kevin Critch, Regional Sales Director, Ignite Technology
Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019