We recently sat down with Jessi Keegan, the Vice President of Cybersecurity at Shipt and one of Progressive Grocer’s Top Women in Grocery. Learn more about her experience as a cybersecurity leader and her best practices for staying safe in a digital world. 

Can you tell us more about yourself and how you got into the world of cybersecurity? Why is it so important to you that you made a career out of it? 

Jessi: I’ve spent the last 12 years in technology, from infrastructure to product engineering.  The first time I really got to experience cybersecurity as part of my ‘day job’ I was hooked and I haven’t looked back since.  Technology isn’t slowing down anytime soon, which means organizations have to constantly adapt to the changing cyber threats.  The importance and impact cybersecurity has on organizations like Shipt makes it easy to be passionate and invested.  

According to ISC2 Research’s April 2024 report, an estimated 20%-25% of women are in the cybersecurity industry. What advice would you give to women interested in this career path? 

Jessi: Cybersecurity is a broad practice; give yourself the space to find your passion within the discipline. Aligning your natural interests in your work will exponentially accelerate your learning. Additionally, find mentors both within and outside your area. Do not expect to get all your development needs from just one mentor; find someone who can offer an ear, a challenger, and a cheerleader.  

The cybersecurity world is constantly changing. Can you share on how Shipt adapts to the constant changes and how team members stay up to date?  

Jessi: We know people trust Shipt to provide a high-quality experience. Because of that, teams across Shipt are constantly evaluating our products and ways to level up the experience for the Shipt community. Underpinning the Shipt experience is a dedicated cybersecurity team that is hyperfocused on keeping those products and the Shipt community’s information safe and secure.

In today’s world, the digital landscape moves quickly, often day to day but sometimes even hour by hour. It’s all about preparation, adapting when necessary, and trusting your team. The cybersecurity team is always evolving the ways we work and looking for ways we can stress test our systems, run scenario exercises, and quickly close gaps.  Cybersecurity is and has to be collaborative, and not just with teams from within Shipt. Organized retail crime has made it paramount that organizations come together to share intel and provide partnership.  Which is just one reason why Shipt participates in industry conferences and communities.  

Could you talk about what cybersecurity measures you and your team have put into place at Shipt and why these measures are so important for the Shipt community? 

Jessi: We have checks and balances within the Shipt system to detect and stop malicious activities. We are also continuously implementing security upgrades to prevent, detect, and monitor threats.

One way we help protect shoppers and drivers is through two-factor authentication (2FA). If shoppers and drivers are inactive on their accounts for a certain amount of time, there is an in-app verification that includes photo identity verification. We have rolled out several new product enhancements to keep orders safe and secure too, including picture proof of delivery. 

One of the best tools to fight this type of crime is education and prevention, which is why Shipt invests in cybersecurity training and education programs, not just for the cybersecurity team but for all Shipt team members throughout the year. These include employee training on common scam tactics, email phishing exercises, and dedicated training for Shipt customer service teams. We also regularly share cybersecurity tips with shoppers and drivers.

What are some of the best practices that anyone can do to make sure their information remains safe in a digital world? 

Jessi: There are some really simple, easy-to-remember practices that everyone should begin using if they are not already:

• Enable multi-factor authentication, also known as two-factor authentication, on any accounts that support it 

• Create passwords that are unique - passphrases are best 

• If you are having trouble keeping track of your passwords, consider using a password manager

• Stay alert to phishing, vishing, and smishing scams

• And lastly, avoid using public, insecure wifi to access anything you may consider sensitive data