Risk & Responsibility

Risk & Responsibility 全球風險與責任情報系統 — 追蹤框架、法規與產業規則的變動 https://risk.weiqi.kids Mon, 23 Mar 2026 04:45:35 +0000 2026-W13 Supply Chain Security https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W13-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W13-supply-chain-security/ Mon, 23 Mar 2026 00:00:00 +0000 本週追蹤 14 項供應鏈安全動態，涵蓋 ISO/IEC 25706 SPDM 硬體供應鏈驗證標準發布、CSA 第三方風險管理範式轉型、NIST SSDF 1.2 持續推進、供應鏈軟體漏洞管理。 Supply Chain Security 2026-W12 Supply Chain Security https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W12-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W12-supply-chain-security/ Sun, 22 Mar 2026 00:00:00 +0000 本週追蹤 12 項供應鏈安全動態，涵蓋歐盟建材法規勘誤釐清上市門檻、伊朗軍事支援制裁擴大出口管制、NIST SSDF 1.2 進入最終發布階段、供應鏈軟體漏洞持續被利用。 Supply Chain Security 2026-W09 Supply Chain Security https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W09-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W09-supply-chain-security/ Sun, 01 Mar 2026 00:00:00 +0000 本週追蹤 11 項供應鏈安全動態，涵蓋 CSF 2.0 兩週年新增製造業社群檔案、CSA CCM v4.1 供應鏈控制擴展與遷移時程、NIST SSDF 1.2 持續推進、SP 800-53 修補管理控制草案。 Supply Chain Security 2026-W08 Supply Chain Security https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W08-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W08-supply-chain-security/ Wed, 18 Feb 2026 00:00:00 +0000 本週追蹤 9 項供應鏈安全動態，涵蓋 NIST SSDF 1.2 公開徵求意見、IR 8536 製造業供應鏈追溯性元框架、IoT 製造商網路安全指引修訂、歐盟制裁與人源物質安全標準。 Supply Chain Security 2026-W07 Supply Chain Security https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W07-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W07-supply-chain-security/ Sun, 15 Feb 2026 00:00:00 +0000 本週追蹤 15 項供應鏈安全動態，涵蓋 NIST SSDF 1.2 徵詢期截止、歐盟無森林砍伐商品盡職調查延期、ISO SPDM 標準發布。 Supply Chain Security 2026-W06 https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W06-supply-chain-security/ https://risk.weiqi.kids/docs/Narrator/supply_chain_security/2026-W06-supply-chain-security/ 2026-W06 Supply Chain Security 2026-W13 Rule Change Brief https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W13-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W13-rule-change-brief/ Mon, 23 Mar 2026 00:00:00 +0000 本期追蹤 50 項框架與標準變動，重點包括 NIST IoT Future Directions 工作坊倒數一週、Privacy Framework 1.1 即將發布、ISO/IEC 29167-22:2026 RFID 加密標準更新、POSIX Issue 8 正式發布。 Rule Change Brief 2026-W12 Rule Change Brief https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W12-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W12-rule-change-brief/ Sun, 22 Mar 2026 00:00:00 +0000 本期追蹤 50 項框架與標準變動，重點包括 NIST IoT 計畫未來方向工作坊徵集意見、SSDF 1.2 公開徵詢持續中、CISA KEV 6 項弱點修復期限追蹤。資安主管與法遵團隊必讀。 Rule Change Brief 2026-W09 Rule Change Brief https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W09-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W09-rule-change-brief/ Sun, 01 Mar 2026 00:00:00 +0000 本期追蹤 50 項框架與標準變動，重點包括 CSA CCM v4.1 強制轉型時程公布、ISO/IEC TS 27103:2026 網路安全框架指引發布、CISA KEV 新增 5 項強制修復弱點。資安主管與法遵團隊必讀。 Rule Change Brief 2026-W08 Rule Change Brief https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W08-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W08-rule-change-brief/ Tue, 17 Feb 2026 00:00:00 +0000 本期追蹤 50 項框架與標準變動，重點包括 NIST SP 800-53 Rev. 5.2.0 新增三項控制項回應 Executive Order 14306、NISTIR 8596 首個 AI 網路安全框架配置檔草案、SSDF Version 1.2 安全軟體開發框架修訂。 Rule Change Brief 2026-W07 Rule Change Brief https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W07-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W07-rule-change-brief/ Sun, 15 Feb 2026 00:00:00 +0000 本期追蹤 50 項框架與標準變動，涵蓋 NIST SP 800-53 Rev. 5.2.0 新增控制項、ISO/IEC TS 27103:2026 框架整合指引、歐盟生態設計法規勘誤。資安主管與法遵團隊必讀。 Rule Change Brief 2026-W06 https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W06-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W06-rule-change-brief/ 2026-W06 Rule Change Brief 2026-W05 https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W05-rule-change-brief/ https://risk.weiqi.kids/docs/Narrator/rule_change_brief/2026-W05-rule-change-brief/ 2026-W05 Rule Change Brief 2026-W13 Executive Summary https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W13-executive-summary/ https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W13-executive-summary/ Mon, 23 Mar 2026 00:00:00 +0000 本週 3 大風險管理重點：NIST Privacy Framework 1.1 即將發布並與 CSF 2.0 對齊、ISO/IEC 25706 SPDM 硬體供應鏈驗證標準正式發布、CLAIR 模型揭示 AI 整合的基礎設施級聯失效風險。 Executive Summary 2026-W12 Executive Summary https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W12-executive-summary/ https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W12-executive-summary/ Sun, 22 Mar 2026 00:00:00 +0000 本週 3 大風險管理重點：歐盟對中國與伊朗網攻行為者實施制裁、伊朗軍事零組件出口禁令擴大、EU AI Act 人類監督條款倒數 5 個月。 Executive Summary 2026-W09 Executive Summary https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W09-executive-summary/ https://risk.weiqi.kids/docs/Narrator/executive_summary/2026-W09-executive-summary/ Sun, 01 Mar 2026 00:00:00 +0000 本週 3 大風險管理重點：歐盟通過俄羅斯能源進口禁令最快 3 月生效、CSA CCM v4.1 強制轉型 2027 年底前完成、CISA KEV 新增 5 項已遭利用弱點須立即修復。 Executive Summary 2026-W13 Cybersecurity Compliance https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W13-cybersecurity-compliance/ https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W13-cybersecurity-compliance/ Mon, 23 Mar 2026 00:00:00 +0000 本週追蹤 16 項資安合規動態，涵蓋 CSF 2.0 兩週年生態盤點、NIST IoT 安全工作坊（3/31）、CSA CCM v4.1 強制轉換時程、AI Controls Matrix 獲 CSO Awards、SP 800-53 強制控制項持續推動。 Cybersecurity Compliance 2026-W12 Cybersecurity Compliance https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W12-cybersecurity-compliance/ https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W12-cybersecurity-compliance/ Sun, 22 Mar 2026 00:00:00 +0000 本週追蹤 14 項資安合規動態，涵蓋 NIST Cyber AI Profile 草案開發、IoT 安全方法學正式發布、SP 800-53 Rev. 5.2.0 強制控制項，以及 CSA-MITRE ATT&CK 映射指引。 Cybersecurity Compliance 2026-W09 Cybersecurity Compliance https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W09-cybersecurity-compliance/ https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W09-cybersecurity-compliance/ Sun, 01 Mar 2026 00:00:00 +0000 本週追蹤 50 項資安合規動態，涵蓋 CSF 2.0 兩週年七份社群檔案草案、CSA CCM v4.1 轉換時程、ISO/IEC TS 27103:2026 發布，以及 NIST SP 800-53 Rev. 5.2.0 持續推動中。 Cybersecurity Compliance 2026-W08 Cybersecurity Compliance https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W08-cybersecurity-compliance/ https://risk.weiqi.kids/docs/Narrator/cybersecurity_compliance/2026-W08-cybersecurity-compliance/ Tue, 17 Feb 2026 00:00:00 +0000 本週追蹤 50 項資安合規動態，涵蓋 NIST SP 800-53 Rev. 5.2.0 新增控制項、NIST IR 8374 勒索軟體風險管理、CSF 2.0 Govern 功能深度探討及 CISA KEV 漏洞通報。 Cybersecurity Compliance