Hacking and Protecting Walmart's Network
She Ain't No Hack
Meet Carrie Roberts, the Engineer Whose Job is Hacking and Protecting Walmart’s Network

From her desk in Boise, Idaho, Carrie Roberts is at work doing recon for the next attack on Walmart’s internet security systems.

 

It might seem counterintuitive, but the attempted hacking that Carrie fights against is actually a good thing – a benefit to Walmart customers and associates alike. As a Dynamic Defense Engineer for Walmart’s Information Security “Blue Team,” experimenting with pretend attacks is how she helps keep Walmart’s systems, such as email servers, safe from potential threats. 

And the pretend hackers she’s fighting with? They’re working toward the same cause.  Opposite Carrie’s Blue Team, they’re a group of associates who call themselves the Red Team, made up of “nice” hackers who work to test the company’s defenses. While the Red Team attempts to break in, the Blue Team is treating every simulated attack on Walmart’s systems as if it were a real threat, training and staying sharp in the process.

 

A strong Red/Blue team dynamic helps both sides get better – continually strengthening the security of the organization. It’s rare to see in the cybersecurity field, but Chief Information Security Officer Jerry Geisler designed these teams to ensure that data from Walmart’s more than 275 million weekly customers and 2.2 million associates remains secure.

 

“Our Information Security team is dedicated to keeping our systems across Walmart and our family of brands secure,” Geisler said. “We’re responsible for the security of hundreds of millions of people, and we take that very seriously.”

 

It’s a unique environment, and an exciting one that’s the making of a dream job for engineers like Carrie.

Carrie said...
“The best part of my job, hands down, is the creativity. Thinking up new ways to use the information in front of me is kind of like playing a game all day. It’s pretty much a guarantee that I’ll always have something new to explore.”

Carrie is a regular speaker at industry events, including DerbyCon, one of the most popular information security conferences in the U.S. with around 4,000 attendees. Last year, she and two members of Walmart’s Blue Team gave a presentation on advanced detection of malicious documents – attachments sent from a familiar email address that seem harmless, but give intruders full access to your information when clicked. Carrie and her team also presented new insights on this topic at Sp4rkCon 2019, a full day information security conference hosted by Walmart .  

 

Carrie and the Information Security team are passionate about sharing their knowledge and offer fellow associates advice to stay protected on the internet.

 

“We all need to be more aware of the possibilities that personal information offers a hacker,” Carrie said. “People think, ‘Who cares if someone hacks in and can see this email to my mom?’ But your inbox is where all your password resets come from, and allowing easy access to email can very easily leave you vulnerable. Don’t create passwords based on a date just because they might be easier to remember, like ‘Fall2019.’ If everyone takes precautions to stay safe, we can help protect the entire network, and each other.”