How Kroger Defends Against Omni Threats

With the rise of AI, the retailer looks at ways to protect against attacks both online and in-store
Gina Acosta
Gina Acosta, Progressive Grocer
krogercyber
From left: Wendi Whitmore of Palo Alto Networks; Carrie Tharp of Google; Nicole Beckwith of Kroger; and Diane Brown of Ulta Beauty speak during an NRF Big Show session on threats to retailers.

The rise of generative AI poses a new threat to food retailers already bogged down with rising incidences of violence and theft in stores, as well as cyber attacks.

Nicole Beckwith, manager of threat operations at Kroger, recently spoke at a session during NRF's Big Show and said the barriers to entry are much lower when threat actors are using GenAI. 

However, retailers can also use AI to beat bad actors at their own game.

“We're worried about the speed at which we not only detect the attacks but protect against them? So I think AI is also another tool in our belt to be able to utilize, to protect the company even better,” Beckwith said. 

She said the company is seeing cyber attacks on help desks, phone calls to stores, and other bad acts.

“A little bit of an intersection there between the physical and the cyber threats as well. But I think AI is here to stay basically. It's going to be embedded in everything we do, and we just have to use it to further what we do as a company to defend ourselves,” Beckwith said. “They use it to write better code. If I didn't know Rust (programming language), I could use generative AI to help me out, right?”

[RELATED: "EXCLUSIVE: 3 Big Trends Affecting the Future of Grocery"]

Beckwith said the retailer is looking at how to protect its data so that it does not become a part of the GenAI crime web.

“How do we protect Kroger data so that it's not leaking into these platforms and into these models, and become a data set?” she said. 

As for current threats, Beckwith said the company is seeing cyber attacks such as account takeovers and is looking at various ways of combatting them.

“We're trying to find ways, with the multifactor authentication for example, to ensure that the data stays safe but you don't have to log in every single time because none of us like that,” Beckwith said. “So using biometrics, using facial recognition, how can we enable two factor authentication but not have to utilize it in every single instance? What detections can we put on the backend? Impossible travel, for example. If Diane logs in from Texas one day, and then she logs in from London in an hour, are we detecting those sorts of things? It’s all about enabling the business, enabling the customers to be able to shop the way they want, with the payment cards that they want. Making sure that we give the customer those options, but make it an easy and frictionless experience.”

Beckwith talked about her background in law enforcement and her team's breadth of experience in cyber threats. 

“With my team, we have such a diverse background, and I handpicked those people for their background. We have HR. We have law enforcement. We have dark web, brand monitoring, marketing, and that all plays into how we protect the company,” she said. 

She said her team is increasingly working with the company’s asset protection leaders as online mixes with physical even when it comes to crime.

“My team reaches out across multiple orgs within Kroger, one of which is physical security. And more and more, we're seeing a shift of cybersecurity also touching the physical security space. And so my team is regularly working with our asset protection folks, our security folks, making sure that we understand where each other play,” Beckwith said. “So maybe there's a threat on the backend in cyber space, an account takeover and loyalty payments. We see that come into the physical aspect when it transfers to actual products in the store being stolen.”

Beckwith says she also works hand in hand with physical store teams on things like skimmers too.

“It's so important nowadays. If your cybersecurity team is not working with asset protection, physical security, then start that conversation,” she said. “We're regularly, I'd say probably weekly, working with those teams on those threats.”

Beckwith cited some of the security threats in Kroger stores now, and theft is one that is not going away.

“Physical theft, but we're seeing different pieces of the store. ... For Kroger, it's the diapers, the formula, the laundry detergent, alcohol, and we're starting to have to put some of those behind the counter, or transition to a locker system,” Beckwith said. “It's unfortunate but it's the reality of where we live today. And so going back to the customer experience. We have to make sure that we're protecting the bottom line but also not making it a bad experience in store for our consumers.”

More Grocery Business News

Related Topics

X
This ad will auto-close in 10 seconds