As enterprises move rapidly toward AI-driven systems, information security is no longer just about protecting infrastructure. It is about protecting trust—between organizations, customers, and intelligent machines making decisions at scale. In this interview, Binu Chacko, Group Director – Information Security at Walmart Global Tech, shares a grounded view of what lies ahead. From AI becoming both a weapon and a shield, to privacy evolving into a design principle, and security talent needing a very different mix of skills, Binu Chacko outlines how the role of InfoSec is fundamentally changing as we approach 2026. Drawing from the perspective of a Fortune #1 enterprise operating at massive scale, he explains how Walmart Global Tech is balancing personalization with privacy, embedding AI responsibly into cyber defence, and building a future-ready security workforce.
Some edited excerpts:
In 2026, what are the top three shifts that you believe will redefine information security in India and globally?
Looking ahead, I see three big shifts shaping our industry:
AI is becoming the new engine of both defence and attack. Just like cloud changed everything years ago, AI is now reshaping how organisations think about InfoSec. Threat actors are using it to scale attacks, and that raises the pace at which we must detect and respond
The evolving data protection environment means privacy is now a design requirement, not a checkbox. It strengthens the discipline around how we collect, use, and explain data— a positive step for both customers and organizations
The skills needed in security are expanding. We’ll always need deep specialists, but we also need people who can question AI systems, narrate decisions, and translate technical risks in simple language. That combination of technical depth and human clarity is becoming essential. At the center of all this sits trust—how we earn it, maintain it, and restore it when needed
Retail is one of the most data-intensive sectors. How do you see security strategies evolving to balance personalization, privacy, and compliance?
In retail, nothing matters more than trust. Customers expect personalised experiences, but they also expect their data to be treated with respect and care. At Walmart, we take a very clear stance: use data responsibly, transparently, and always in a way that aligns with our values of service, integrity, respect, and excellence. This means building privacy and security into the design of every product and capability.
We apply strong governance, follow strict purpose-based data use, and maintain controls like access management, encryption, and continuous training so that everyone understands their role in protecting data. And as AI and automation shape more customer experiences, the ability to explain why a decision was made becomes important. That’s where human oversight and communication-driven roles—people who can translate and challenge AI—reinforce trust. This balanced approach helps us deliver personalization while maintaining privacy or compliance.
With AI and automation transforming every domain, how do you see these technologies shaping the next phase of cyber defence at Walmart Global Tech?
We view AI as a powerful enabler for the next phase of cyber defense. As a Fortune #1 company, our scale gives us the opportunity to apply these technologies thoughtfully. Wherever possible, we have embedded AI and automation, with humans remaining in the loop for all critical decisions. By integrating automation with threat intelligence and leveraging AI/ML to find patterns humans may miss, we enhance threat detection, accelerate prioritization, and strengthen our cybersecurity posture.
At the same time, we recognize that emerging technologies, including Agentic AI, bring new risks, which we address through proactive AI-driven defenses. Ultimately, our approach combines innovation with strong governance and a people-led, tech-powered mindset. That balance is what allows us to advance our capabilities while maintaining the trust and resilience that are essential to our business.
What real-world challenges do you foresee as organisations move toward AI-assisted decision-making in security operations?
AI creates enormous potential, but it also brings practical considerations. Security data is complex, and AI can only be as good as the data it learns from. Ensuring quality, reducing bias, and maintaining freshness are essential. At the same time, organizations must prepare for AI-enabled and AI-targeted threats, with adversaries already finding ways to evade or manipulate models, making the security of the AI itself a critical component of defence strategy. There’s also a people dimension.
AI helps teams focus on higher-value work, but it also requires new skills, new processes, and an understanding of when and how to rely on these systems. And finally, transparency matters. Before acting on an AI recommendation, teams need to understand why the model reached that conclusion. AI is powerful, but it must be implemented thoughtfully, with strong governance and continuous human oversight.
There’s a global shortage of skilled cybersecurity professionals. How is Walmart Global Tech addressing this talent gap internally?
For us, people are at the center of everything. Building a future-ready security workforce means giving our associates the opportunities, skills, and confidence to grow. We partner with leading institutes across India to tap into exceptional talent and create strong pipelines. But hiring is only the beginning. In addition to growing our teams, we invest heavily in upskilling. For instance, we partner with academic institutes like Vellore Institute of Technology as part of our ‘School of Cybersecurity’ initiative—a movement built in collaboration with Walmart Global Tech Academy to equip associates with advanced cybersecurity and AI-security skills. This program goes beyond traditional learning; it reflects our shift from InfoSec to AI CyberSec, empowering professionals across the business to champion the protection of intelligent systems.
What really brings it all together is our culture. Our teams work with trust, collaboration, and curiosity. They learn from each other, challenge each other, and share a deep commitment to protecting our ecosystem. This combination of talent, learning, and culture makes our programs not just effective, but transformative.
As technologies like GenAI and quantum computing mature, how should InfoSec professionals reskill to stay relevant?
The most important thing is to stay curious. The world is shifting fast, but people who are open to learning will always stay ahead. By building skills through hands-on experience and real-world challenges, collaborating and sharing knowledge, developing basic fluency in how AI behaves, and cultivating adversarial thinking to anticipate how systems could be exploited, professionals can go a long way toward keeping systems—and the people they serve—safe.
Alongside that, communication skills— explaining risks simply and clearly—are emerging as key leadership traits. Quantum will eventually reshape some of our cryptographic foundations, so staying aware of that evolution is helpful. Ultimately, those who combine technical awareness with strong judgement and the ability to translate complexity will lead the future of InfoSec.