Retail and eCommerce organizations sit at the intersection of consumer trust, massive data volumes, and always-on digital platforms. As global retailers scale omnichannel operations, cybersecurity leaders are tasked with protecting customer data, payment systems, supply chains, and increasingly complex digital ecosystems. The CISOs featured here exemplify how modern retail security leadership blends technical depth, business enablement, and executive influence to safeguard brands that millions of customers rely on every day.
Erick Rudiak — Chief Information Security Officer, Costco Wholesale
Erick Rudiak brings boardroom-level cybersecurity leadership shaped by experience across Fortune 25 healthcare and Fortune 100 insurance organizations. As CISO of Costco Wholesale, he is responsible for protecting data, systems, and intellectual property at global retail scale, while serving as a trusted advisor to executive leadership and boards. His background in enterprise risk modeling and crisis management enables him to guide organizations through high-stakes security incidents with clarity and confidence.
A strong advocate for outcomes-driven security, Erick has built mature risk management programs aligned to enterprise risk tolerance and business objectives. He is also recognized for developing high-performing, diverse teams and for authoring the Security Transformation Playbook, reflecting his focus on scalable, framework-based cybersecurity maturity that enables business growth rather than constraining it.
Mike Carr — Business Information Security Officer, Kroger
Mike Carr serves as a strategic cybersecurity and GRC leader for Kroger’s retail operations and merchandising organizations, acting as a trusted liaison between security, business, and legal teams. His work focuses on enabling digital transformation while ensuring privacy, data governance, and cybersecurity programs align with Kroger’s risk appetite and regulatory obligations.
With deep experience leading global teams, Mike has driven sustainable programs across cybersecurity, incident response, third- and fourth-party risk, regulatory compliance, and data governance. He is known for aligning security initiatives with frameworks such as NIST, ISO, FAIR, COBIT, and Agile delivery models. A passionate servant leader, Mike emphasizes culture, communication, and continuous learning, ensuring that cybersecurity supports both operational resilience and long-term business success in one of the world’s largest grocery retailers.
Jodie Kautt — Senior Vice President of Cybersecurity, Target
Jodie Kautt is an award-winning cybersecurity executive who leads all cyber defense functions at Target, including the company’s 24×7 Cyber Fusion Center and Fraud & Abuse operations. Under her leadership, Target integrated cyber defense and fraud capabilities, applying security intelligence to combat retail-specific threats at scale.
With over 15 years of experience and a background that includes consulting at KPMG, Jodie is recognized for building innovative, inclusive teams. Her organization has contributed numerous patents and open-source tools back to the security community. Beyond operations, she plays a key role in advancing DE&I initiatives across Target Tech. Jodie is also active in the broader cybersecurity ecosystem, serving with the Aspen Institute’s Cybersecurity Group and advising NYU’s Tandon School of Engineering.
Raúl Amigorena — Chief Information Security Officer, Inditex
As Global CISO of Inditex, Raúl Amigorena oversees cybersecurity for one of the world’s largest fashion retailers, supporting brands including Zara, Bershka, Massimo Dutti, and Pull&Bear. His role spans thousands of physical stores and high-traffic digital platforms serving millions of customers daily across diverse geographies.
Raúl leads the design and execution of a global cybersecurity program tailored to Inditex’s complex retail footprint, balancing centralized governance with regional adaptability. His work focuses on protecting customer data, securing omnichannel operations, and enabling innovation across fast-moving retail environments. By aligning cybersecurity strategy with the pace and scale of global fashion retail, he ensures security remains an enabler of growth rather than a constraint.
Yuezhong Bao — CISO, Alibaba Group & CISO, Lazada Group
Yuezhong Bao is a seasoned cybersecurity practitioner and technical leader overseeing security across Alibaba International Digital Commerce and Lazada Group. His remit spans global eCommerce, logistics, payments, and emerging AI platforms, supporting brands such as AliExpress, Lazada, Daraz, and Alibaba.com.
Leading international teams across GRC, security architecture, red and blue teams, and SOC operations, Yuezhong focuses on mitigating cyber, data, and regulatory risks at massive scale. He ensures compliance with global regulations including GDPR, DSA, NIS2, and financial controls such as KYC and AML. His approach combines strategic oversight with hands-on technical leadership, enabling secure growth across diverse markets in Southeast Asia, South Asia, and Europe.
Elwin Wong — Senior Vice President & Chief Information Security Officer, Ross Stores, Inc.
Elwin Wong is an enterprise security leader with deep experience building and scaling information security programs in complex retail environments. As CISO of Ross Stores, he leads cybersecurity strategy, risk management, and compliance for a major off-price retailer operating at national scale.
Known for his entrepreneurial mindset and balanced risk approach, Elwin blends business, financial, and technical expertise to drive security outcomes that enable the organization. His leadership spans enterprise risk, PCI and SOX compliance, security architecture, threat management, incident response, and SOC operations. A strong communicator and relationship builder, Elwin is recognized for forging trusted partnerships across the business to proactively mitigate risk while supporting growth and operational efficiency.
Thomas Ratz — Senior Vice President, Technology & CISO, Dollar General Corporation
Thomas Ratz leads enterprise-wide information security, disaster recovery, and quality assurance for Dollar General, a Fortune 150 retailer with over 20,000 locations and nearly 200,000 employees. His scope includes securing a hybrid environment spanning on-premises infrastructure, private cloud, and partner cloud platforms.
A pragmatic security leader, Thomas believes effective cybersecurity should naturally drive compliance rather than treating compliance as the primary goal. His approach focuses on maturing security programs that enable business agility while strengthening resilience across large-scale retail operations. With experience across multiple security domains, he brings a practical, business-aligned mindset to protecting one of the largest discount retail networks in the United States.
Guardians of the Digital Storefront
Retail and eCommerce CISOs operate at the front lines of consumer trust, where cybersecurity failures directly impact brand reputation, revenue, and customer loyalty. The leaders highlighted here demonstrate how modern retail security extends far beyond technology, encompassing governance, culture, fraud prevention, and executive strategy. As digital commerce continues to accelerate, these CISOs are shaping resilient, secure retail ecosystems that enable innovation while protecting the data and systems millions of customers depend on every day.