The SEC’s Office of Compliance Inspections and Examinations has announced two new sets of cyber sweeps. This time around, the regulator’s standards have risen, the inquiries will be more rigorous and the examiners are bringing more technical expertise. With the current SEC cyber sweeps, “the honeymoon period is over,” Askari Foy, managing director at ACA Aponix, told the Cybersecurity Law Report. By now, "firms should have invested resources, technology or human capital to really align their program with the SEC expectations.” To assist firms in responding effectively if OCIE comes knocking, we share advice on how to prepare for an exam and how to present gaps in programs or policies. See also “SEC Risk Alert Highlights Policy Design and Implementation Failures and Roadmaps Future Enforcement” (Apr. 24, 2019).