The SEC Office of Compliance Inspections and Examinations (OCIE) continues to focus on cybersecurity preparedness of broker-dealers and investment advisers. Building on past initiatives and guidance, OCIE recently announced a second round of examinations “to assess implementation of firm procedures and controls.” On September 15, 2015, OCIE issued a Risk Alert (Alert) detailing its concerns, as well as sample requests for information, in regard to six focus areas. This article summarizes the key provisions and explores the implications of the Alert for investment advisers and broker-dealers. For more on cybersecurity risks, regulations and preparedness, see our series covering K&L Gates-IAA panels addressing “Cybersecurity Laws and Threats Applicable to Investment Managers (Part One of Two),” Hedge Fund Law Report, Vol. 8, No. 16 (Apr. 23, 2015); and “Cybersecurity Risk Mitigation Frameworks and Techniques for Investment Managers (Part Two of Two),” Vol. 8, No. 17 (Apr. 30, 2015). See also “ACA Compliance Group Clarifies Misconceptions Commonly Held by Fund Managers with Respect to Cybersecurity,” Hedge Fund Law Report, Vol. 8, No. 15 (Apr. 16, 2015).