Subscribe Now
VentureBeat recently had the opportunity to virtually interview Jerry R. Geisler III, the Executive Vice President and Chief Information Security Officer at Walmart Inc., to discuss the cybersecurity challenges faced by the retail giant as AI technology becomes more autonomous.
The conversation delved into topics such as securing agentic AI systems, updating identity management practices, and the key takeaways from the development of Element AI, Walmart’s centralized AI platform. Geisler shared candid insights into how Walmart is addressing unprecedented security threats, from combating AI-driven cyber attacks to managing security across a vast hybrid multi-cloud infrastructure. His innovative approach to revamping identity and access management systems offers valuable lessons for businesses of all sizes.
Credit: Walmart
Below are some highlights from our discussion:
AI Scaling Faces New Challenges
Discover how top teams are turning energy into a strategic advantage, architecting efficient inference for real throughput gains, and unlocking competitive ROI with sustainable AI systems. Secure your spot to stay ahead: https://bit.ly/4mwGngO
VentureBeat: In light of the increasing autonomy of generative and agentic AI, how will Walmart adapt its governance and security measures to combat emerging threats and unintended model behaviors?
Jerry R. Geisler III: The rise of agentic AI poses new security risks that traditional controls may not address. To mitigate these risks, we are implementing advanced AI Security Posture Management to ensure continuous risk monitoring, data protection, regulatory compliance, and operational trust.
VentureBeat: How is Walmart enhancing its identity management and Zero Trust frameworks to provide precise, context-aware data access in dynamic AI environments?
Geisler: Our approach to identity management is tailored to our unique environment, with a focus on modernizing our IAM stack while maintaining the principle of least privilege. We are adopting protocols like MCP and A2A to enable real-time access decisions based on identity, data sensitivity, and risk.
VentureBeat: How does Walmart’s hybrid multi-cloud infrastructure influence its approach to Zero Trust network segmentation for AI workloads?
Geisler: Our segmentation strategy is identity-based rather than location-based, ensuring consistent access policies across cloud and on-premises environments. Protocols like MCP and A2A help standardize service edge enforcement and uphold zero trust principles uniformly.
VentureBeat: What AI-driven defenses is Walmart utilizing to proactively detect and mitigate evolving threats such as sophisticated phishing attacks?
Geisler: We leverage advanced machine learning models to identify anomalies and detect phishing attempts, while also using generative AI for adversary simulation to enhance resilience against such threats. Our approach combines human expertise with technology to safeguard against emerging cybersecurity risks.
VentureBeat: What cybersecurity challenges has Walmart encountered with open-source AI models in Element AI, and how is its security strategy evolving to address these challenges at scale?
Geisler: Our centralized AI platform allows for concentrated defense and expertise, enabling us to implement robust security measures across all AI projects. By embedding security from the start and focusing our resources strategically, we can effectively address cybersecurity challenges associated with open-source AI models.
VentureBeat: How is Walmart automating incident response and managing cybersecurity incidents across its global infrastructure effectively?
Geisler: Intelligent automation is key to our incident response program, allowing us to orchestrate rapid workflows and prioritize actions based on risk assessment. By combining automation with human decision-making, we can respond swiftly to threats and maintain security at scale.
VentureBeat: What initiatives is Walmart implementing to attract and retain cybersecurity talent prepared for the evolving AI landscape?
Geisler: Walmart’s educational programs and industry events like SparkCon aim to upskill associates and connect them with cybersecurity professionals. By offering opportunities for continuous learning and networking, we ensure our team is equipped to handle the challenges of the AI-driven threat landscape.
VentureBeat: Reflecting on Element AI, what cybersecurity lessons have guided Walmart’s decisions on centralizing emerging AI technologies?
Geisler: Centralization enables rapid innovation within a trusted framework and allows for concentrated defense against evolving threats. By learning from our experience with Element AI, we continue to prioritize security in our architectural decisions to safeguard our AI initiatives effectively.
