VentureBeat recently had a virtual interview with Jerry R. Geisler III, Executive Vice President and Chief Information Security Officer at Walmart Inc., to discuss the cybersecurity challenges faced by the world’s largest retailer as AI technology becomes more autonomous.
The discussion focused on securing agentic AI systems, modernizing identity management, and the lessons learned from building Element AI, Walmart’s centralized AI platform. Geisler shared insights on how the company addresses unprecedented security challenges, such as AI-enhanced cyber threats and managing security across a vast hybrid multi-cloud infrastructure. His approach to rebuilding identity and access management systems offers valuable lessons for enterprises.
Geisler’s leadership in security for a company operating on Walmart’s scale, across Google Cloud, Azure, and private cloud environments, brings unique insights into implementing Zero Trust architectures and building what he calls “velocity with governance.” This enables rapid AI innovation within a trusted security framework. The architectural decisions made during the development of Element AI have influenced Walmart’s approach to centralizing emerging AI technologies.
As AI technology scales, issues like power caps, rising token costs, and inference delays are reshaping enterprise AI. Top teams are exploring strategies to turn energy into a strategic advantage, architect efficient inference for real throughput gains, and unlock competitive ROI using sustainable AI systems.
VentureBeat asked Geisler how Walmart’s governance and security guardrails will evolve to address emerging AI threats and unintended model behaviors as AI becomes increasingly autonomous. Geisler highlighted the emergence of new security threats with agentic AI that bypass traditional controls. These threats, including data exfiltration and autonomous API misuse, require robust proactive security controls. Walmart’s strategy involves using advanced AI Security Posture Management for continuous risk monitoring and compliance.
Given the limitations of traditional RBAC in dynamic AI settings, Geisler discussed how Walmart is refining its identity management and Zero Trust architectures. A startup mindset is used to ask fundamental questions, leading to modernization of the IAM stack. Adoption of protocols like MCP and A2A enhances security by enabling granular, context-sensitive access controls.
Walmart’s extensive hybrid multi-cloud infrastructure informs its approach to Zero Trust network segmentation and micro-segmentation for AI workloads. Segmentation is based on identity, with access policies following workloads consistently, aided by protocols like MCP and A2A.
In response to AI lowering barriers for advanced threats, Walmart deploys AI-driven defenses to detect and mitigate these threats. Advanced machine learning models identify behavioral anomalies, and generative AI is used to simulate attack scenarios as part of red-teaming initiatives.
Walmart’s use of open-source AI models in Element AI presents unique cybersecurity challenges, addressed through identity-based segmentation and consistent access policies. Geisler mentioned how Walmart employs measures like SOAR platforms for rapid response during cybersecurity incidents.
To attract and retain cybersecurity talent for the evolving AI landscape, Walmart offers the Live Better U program for degrees and certifications in relevant fields. The annual SparkCon event connects associates with industry professionals to explore cybersecurity trends and enhance skills.
Reflecting on the development of Element AI, Geisler noted two major lessons guiding future strategies: centralization aids “velocity with governance” by simplifying AI development and providing a unified security control plane, and it allows concentrated defense and expertise, focusing talent and controls where they are most needed. These strategies ensure innovation happens within a secure framework.
For more insights on business use cases with generative AI, subscribe to VB Daily.