01 / 컴플라이언스 다이제스트
컴플라이언스 뉴스 다이제스트
규제 변경, 프레임워크 업데이트, 집행 조치, 컴플라이언스 기한을 심각도별로 분류한 월간 요약을 자동 생성합니다.
Top Floor
Compliance Digest: June 2026
2 regulatory events this month — 1 critical, 1 important, 0 informational
Critical (1)
(Projected) CMMC Phase 2: All DoD Contracts Require Certification
CMMC Phase 2 is projected to expand certification requirements to all DoD contracts involving CUI, requiring third-party C3PAO assessments for Level 2 certification. This phase represents the full operationalization of CMMC, where every defense contractor handling CUI must hold a valid certification from an accredited C3PAO, not merely a self-assessment.
Important (1)
(Projected) CISA Secure by Design Principles Expected in Federal Acquisition Requirements
CISA is expected to formalize Secure by Design principles as requirements in federal acquisition regulations by mid-2026. Building on the voluntary pledge program that enrolled over 250 software manufacturers, the projected rule would require software vendors selling to federal agencies to attest compliance with Secure by Design principles, including elimination of default passwords, MFA by default, evidence of vulnerability management maturity, and published vulnerability disclosure policies.
Generated by Top Floor Regulatory Radar. View full event details
이 다이제스트를 이메일로 받아보기
매월 컴플라이언스 뉴스 다이제스트를 업무용 이메일로 받아보십시오. 불필요한 정보 없이 규제 변경 최신 동향을 파악하실 수 있습니다.