With multiple decades of regulatory and cybersecurity compliance, certifications, and event management, I have learned the hard way it is always best to be ahead of the curve and keep a close eye on regulatory requirements and mitigate risk as it relates to PII (Personally Identifiable Information) and PHI (Protected Health Information). I have worked with many companies that have 1) discovered gaps and risk and 2) opened up new verticals because their operating practice was in compliance with HIPAA or NIST (version may vary), just as examples, and were able to then sell into healthcare and MSP verticals.