Security professionals build their security plans around compliance to a number of industry-specific regulations. Whether an organization is required to adhere to the standards of PCI, NERC, HIPAA, or FSMA, the concerns are the same. How does a company balance the added costs necessary to comply with the regulations, with the high fines and lost time that comes with not complying? Security compliance isn’t a cut and dry topic. Regulations, as written, are to interpretation; when it comes to security entrances, it’s all in the “eye of the beholder.” A security manager may think he has the necessary precautions in place, but after a breach has occurred, would a court of law agree that the company did everything possible to prevent it? In several cases, the answer has been “no” and hefty fines were imposed.