VentureBeat Interview with Jerry R. Geisler III, CISO at Walmart Inc.
VentureBeat recently had a virtual sit-down with Jerry R. Geisler III, the Executive Vice President and Chief Information Security Officer at Walmart Inc. Geisler shared valuable insights into the cybersecurity challenges faced by the world’s largest retailer as AI technology becomes more autonomous.
We delved into topics such as securing agentic AI systems, revamping identity management, and the key takeaways from developing Element AI, Walmart’s centralized AI platform. Geisler provided candid insights into how Walmart is addressing unprecedented security challenges, from combatting AI-enhanced cyber threats to managing security across a vast hybrid multi-cloud infrastructure. His innovative approach to rebuilding identity and access management systems offers lessons that can benefit businesses of all sizes.
Leading security at a company of Walmart’s magnitude operating across Google Cloud, Azure, and private cloud environments, Geisler offers unique perspectives on implementing Zero Trust architectures and establishing “velocity with governance,” which enables rapid AI innovation within a secure framework. The architectural decisions made during the development of Element AI have influenced Walmart’s overall strategy for centralizing emerging AI technologies.
Jerry R. Geisler III, Senior VP and Chief Information Security Officer, Walmart
Credit: Walmart
Here are highlights from our conversation:
VentureBeat: How is Walmart evolving its security measures to address emerging threats as AI becomes more autonomous?
Jerry R. Geisler III: The adoption of agentic AI introduces new security risks that traditional controls may not address. Our approach involves implementing advanced AI Security Posture Management to establish proactive security controls for continuous risk monitoring, data protection, compliance, and trust.
VentureBeat: How is Walmart refining its identity management and Zero Trust architectures to accommodate dynamic AI settings?
Geisler: Our approach involves modernizing our IAM stack with a startup mindset to simplify and enhance security. We are implementing protocols like MCP and A2A to enable granular, context-sensitive access controls based on identity, data sensitivity, and risk, while adhering to the principles of Zero Trust.
VentureBeat: How does Walmart’s hybrid multi-cloud infrastructure shape its approach to Zero Trust network segmentation for AI workloads?
Geisler: Walmart’s segmentation is identity-based rather than location-based, ensuring consistent access policies across cloud and on-premises environments. Protocols like MCP and A2A standardize service edge enforcement, applying Zero Trust principles uniformly.
VentureBeat: What AI-driven defenses is Walmart deploying to proactively detect and mitigate advanced threats like phishing?
Geisler: Walmart utilizes advanced machine learning models to detect phishing attempts and behavioral anomalies. Additionally, generative AI is used for adversary simulation campaigns to enhance resilience against evolving threats.
VentureBeat: How is Walmart leveraging its experience with open-source AI models in Element AI to address cybersecurity challenges at an enterprise scale?
Geisler: Walmart’s centralized AI platform allows for concentrated defense and expertise, enabling the implementation of sophisticated security measures consistently across all AI projects.
VentureBeat: What measures is Walmart taking to attract and retain cybersecurity talent equipped for the evolving AI landscape?
Geisler: Walmart offers educational opportunities through programs like Live Better U and hosts events like SparkCon to upskill associates and provide insights into the latest trends in cybersecurity.
VentureBeat: What lessons from developing Element AI are guiding Walmart’s future decisions on centralizing emerging AI technologies?
Geisler: Centralization enables “velocity with governance” and concentrated defense, allowing for rapid innovation within a secure framework and focused expertise on critical security measures.
