The BEAMA Member Digital Newsletter – February 2026
🌐 February Newsletter from DSIN
Welcome, BEAMA membership, to this edition of the Digital Strategy & Innovation Network (DSIN) newsletter. Whether you’re just beginning to explore digitisation or you’re already configuring APIs and schema, DSIN is your hub for collaboration, knowledge sharing and practical support.
This month’s DSIN newsletter brings you:
- Secure Today, Safe Tomorrow - Quantum-Ready Devices Matter
- CRA & RED updates - SMEs, reporting platform and FOSS attestations
- Practical actions from the Cyber Growth Action Plan - BEAMA activity & next steps
- DPP update
- Free “Open Data” training opportunities
Protect Today, Secure Tomorrow: Post-Quantum Safeguards for Long-Lived Data
Quantum computing isn’t just a future headline - it changes the threat model for data that must remain private for years or decades. At BEAMA we’re asking a simple but urgent question: could telemetry, firmware, credentials or device logs we collect today be readable tomorrow? If the answer is “maybe,” we need to act now.
Think of today’s cryptography as a photo negative kept in a darkroom. As long as it stays in the dark, it’s safe. Quantum computing is an “instant darkroom” that can develop any negative in minutes — which means data captured and stored today, even if encrypted now, could be exposed when quantum-powered adversaries arrive.
Why this matters to BEAMA members:
- Long-lived devices and systems (EV chargers, smart meters, building controls) generate and retain data for many years. That data can be recorded by adversaries today and decrypted later.
- Classical public-key schemes protecting firmware signing, device identity and secure updates are especially at risk unless we move to post-quantum-safe approaches.
Looking ahead:
BEAMA will be developing informative guidance on post-quantum readiness in Q2 - watch out for updates or contact me directly for more details. Together, we can ensure our devices, systems and networks are secure today and for the decades to come.
“Telemetry, credentials and firmware secured today could be exposed tomorrow; post-quantum safeguards are our shield for the future”
EU CRA updates – RED, SMEs, reporting platform and FOSS attestations
The European Commission has adopted the repeal of Delegated Regulation (EU) 2022/30. It will cease to apply on 11 December 2027, which is when the Cyber Resilience Act becomes fully applicable.
Cybersecurity – repeal of Delegated Regulation supplementing the Radio Equipment Directive
To avoid regulatory duplication in the field of cybersecurity, for radio equipment covered by the RED Delegated Regulation on cybersecurity, it is necessary to repeal that Delegated Regulation with effect from the date of application of all the relevant provisions of the Cyber Resilience Act.
Article 1 of the Delegated Regulation provides that Delegated Regulation (EU) 2022/30 is repealed with effect from 11 December 2027.
ENISA SME Cyber Resilience Act Survey
A few days ago, ENISA launched a survey for SMEs with the aim to understand the overall level of CRA awareness amongst SMEs, how ready and mature they feel for it and what kind of support they would find most useful. The results will provide input to ENISA and the Commission on measures to best support SMEs in their CRA implementation efforts. Please participate in the survey where relevant and / or share it with you contacts!
https://ec.europa.eu/eusurvey/runner/CRASMESurvey
ENISA CRA SRP
Under the CRA, ENISA is responsible for establishing and operating the CRA Single Reporting Platform. Today, ENISA launched a new webpage with frequently asked questions on reporting obligations and the development of the Single Reporting Platform.
Single Reporting Platform (SRP) | ENISA
Survey on voluntary attestations for free and open-source software
The German Federal Office for Information Security (BSI) and the Free Software Foundation Europe (FSFE) have put together a survey to gather input on how voluntary security attestation programmes for open-source software could work under Article 25 of the Cyber Resilience Act. The survey is open until 28 February.
CRA Article 25 — Attestation for Open-Source Software
BEAMA response to the Cyber Growth Action Plan
The Cyber Growth Action Plan recommends nine steps to grow the UK cyber sector and boost resilience. BEAMA is already turning these recommendations into action - tracking policy, publishing guidance, working closely with regulators, policy teams and emerging national cyber initiatives, supporting member skills and ensuring standards are practical for electrical manufacturers.
Read more here - UK Cyber Growth Action Plan
Also to note - A new campaign to provide practical ways for organisations to protect themselves from common online threats.
Businesses urged to “lock the door” on cyber criminals as new government campaign launches
Thank you to DSIN contributors for their input on our guidance. “Shielding the Chain: A BEAMA Members' guide to supply-chain cyber security & resilience”, the guidance is on track for publication in March 2026.
Digital Product Passports Go Global: ISO/IEC JTC Sets the Standard for Interoperability
DPP is now moving beyond the EU - a resolution to establish an ISO/IEC Joint Technical Committee on Digital Product Passport has been approved, taking work on Digital Product Passports into the international standards arena. The new JTC will focus on worldwide interoperable DPP implementations, ensuring compatibility of data, processes and services across sectors and systems. Its goal is to prevent fragmented national or sectoral DPPs, enabling seamless supply chain data flows and creating a truly global framework for product transparency and circularity.
CWA 18311:2025 - “Enabling Circular Economy Practices: Repair and Recycling of PBAs”
BEAMA attended and contributed through regular CEN-CENELEC workshop meetings to the development of CWA 18311:2025 — “Enabling Circular Economy Practices: Repair and Recycling of PBAs”. While not directly aligned to most BEAMA member product areas, the CWA provides a useful horizon view of where ESPR and Digital Product Passport (DPP) thinking is heading, particularly around sustainability, recycling, material declarations and evolving economic-operator responsibilities.
The Foreword and Introduction are especially relevant, as the document acts as a “sandbox” to explore emerging approaches and build early consensus, and is orientated to ongoing DPP work at CEN/CENELEC JTC 24, helping to inform future standardisation and implementation activity.
What is a CWA? A CEN-CENELEC Workshop Agreement is a rapid, consensus-based document used as a “sandbox” to test ideas and shape future standards and regulation.
Our mirror national committee is supporting wider industry awareness via the BSI blog and other channels.
Free “Open Data” training opportunities
Looking to build your open data skills? The data.europa academy - the official learning platform of the European Data Portal - has launched an updated learning journey for 2026 with structured courses and monthly webinars to support professional development in open data use, governance and quality. It’s freely available and ideal for anyone in our sector wanting to strengthen data capabilities. Access requires a simple one-time registration, after which all courses are available on a self-paced basis with certificates on completion.
Get involved!
DSIN is your platform.
Patricia Massey
Head of Digital & Technical Standards, BEAMA
Thank you for your continued engagement.
We look forward to working with you as we navigate these exciting changes and opportunities together.