Strengthening supply chain security to meet evolving global cybersecurity standards for our customers and partners

In today’s digital-first world, trust and security remain critical to every organization. At HPE, we recognize that our customers and partners rely on us not only for cutting-edge technology but also for the assurance that our solutions are secure, compliant, and resilient. As global cybersecurity regulations evolve—particularly with the introduction of the European Union’s  Cyber Resilience Act (CRA)—HPE is advancing its capabilities to meet these demands, ensuring our customers and partners can confidently achieve their goals while navigating new regulatory landscapes.

A Proven Track Record of Supply Chain Security Built for Customers and Partners

HPE has earned a longstanding reputation for its trusted and secure supply chain, a fundamental pillar of the value we consistently deliver to our customers and partners. Our responsibility is to help protect against and mitigate risks through a secure supply chain that is designed with multiple layers of defense and comprehensive protective solutions beginning at product design through end of life or disposal. Cybersecurity testing adds another layer of protection for our customers as they modernize their hybrid cloud environments from edge to cloud. A comprehensive overview of HPE's approach to supply chain security is described in more detail here.

Meeting New Challenges Together: The EU Cyber Resilience Act

The EU CRA introduces one of the most comprehensive cybersecurity frameworks globally, mandating stringent requirements for hardware and software products with digital elements sold in the European Union. For HPE and its customers and partners, compliance with the CRA is essential to maintaining market access, protecting end-user trust, and enabling continued innovation.

Introducing the North America Testing Facility: Supporting Compliance for Our Customers and Partners

To further strengthen our ability to deliver secure solutions to customers and partners and comply with the EU CRA, HPE Operations and the E&E team is establishing a state-of-the-art security testing facility in North America. This facility represents a strategic investment in our shared future, providing centralized compliance testing for HPE’s Compute, Storage, and Networking products while supporting the evolving needs of our customers and partners.

The North America facility will deliver:

• Centralized Security Testing: By consolidating compliance testing into a single location, HPE ensures consistency and efficiency, delivering results that customers and partners can trust.
• Accelerated Certification Timelines: Internal pre-assessments reduce reliance on third-party testing, allowing HPE solutions to reach customers and partners faster.
• Ongoing Testing and Compliance:  The facility will conduct ongoing testing of products to ensure conformity with CRA requirements, maintaining cybersecurity throughout the entire lifecycle of the product.
• Harmonized Documentation Practices: Evidence and reports generated at the facility will follow standardized templates, simplifying compliance submissions and enabling smoother adoption for customers and partners.

Strategically located in North America, the facility taps into skilled local talent while serving as a centralized hub for HPE’s compliance operations. This ensures that HPE can efficiently address the compliance needs of all customers and partners, from enterprise businesses to government agencies.

“Our customers need high-quality, cost-effective and secure engineering they can count on to be reliable and cyber-secure,” said Niysaan Vlasak, VP of Engineering and Enablement for HPE Operations. “By opening this new facility, HPE further enhances the extensive sourcing, inspection and traceability standards of our Trusted Supply Chain to ensure consistent and efficient conformity to CRA requirements.”

Why Compliance and Security Matter

Exemplified by the EU CRA, the evolving regulatory landscape requires manufacturers to demonstrate rigorous cybersecurity measures, not only to protect end-user operations but also to enable continued market access and trust.

By ensuring conformance to the EU CRA, HPE is helping customers and partners maintain uninterrupted access to all 27 EU member states and the three European Economic Area (EEA) countries while reinforcing trust and security in their technology ecosystems.

Looking Ahead: A Shared Commitment to Trust, Security, and Innovation

As cybersecurity regulations like the EU CRA continue to reshape the technology landscape, HPE remains steadfast in its commitment to delivering trusted and secure solutions for our customers and partners. The addition of the North America testing facility, combined with the expertise of the HPE Operations E&E team and the strength of our global supply chain, reinforces HPE’s ability to meet today’s challenges while preparing for the future.

For our customers and partners, this means continued access to innovative solutions that meet the highest standards of security, compliance, and reliability. Together, we are building a safer, more secure digital future—one trusted solution at a time.

Learn More

To learn more about HPE’s commitment to supply chain security and how we are preparing to meet the EU CRA and other global regulations, please contact your HPE representative or visit HPE’s Security and Compliance Page.