Screwfix Digital Audit

1. Executive Intelligence Summary

1.1. Operational Scope and Audit Objectives

This Technographic Audit was commissioned to evaluate the digital infrastructure, leadership entanglements, and operational partnerships of Screwfix, a wholly-owned subsidiary of Kingfisher plc, through the lens of Digital Complicity. The specific intelligence objective is to derive a Digital Complicity Score (DCS) that quantifies the extent to which Screwfix’s technological choices materially or ideologically support the State of Israel, its military-industrial complex, and its intelligence apparatus, specifically the signals intelligence arm known as Unit 8200.

The audit responds to four Critical Intelligence Requirements (CIRs):

1. The ‘Unit 8200’ Stack: Mapping the prevalence of cybersecurity and infrastructure vendors founded by, or maintaining deep operational ties to, the Israel Defense Forces (IDF) Unit 8200.
2. Surveillance & Biometrics: Analyzing the deployment of retail crime intelligence platforms, facial recognition technology (FRT), and the biopolitics of the “High-Moderate” threat scoring systems used in Screwfix stores.
3. Project Future / Digital Transformation: Assessing the geopolitical implications of the “Powered by Kingfisher” strategy, specifically its reliance on cloud sovereignty and AI adoption.
4. Operational Complicity: Evaluating direct procurement, leadership affiliations, and the capitalization of Israeli technology within the supply chain.

1.2. Strategic Assessment

The investigation concludes that Screwfix does not operate as a sovereign technological entity but rather as a node within a transnational digital ecosystem heavily architected by the Israeli security establishment. The “Powered by Kingfisher” transformation strategy has systematically replaced legacy, on-premise infrastructure with a cloud-native stack that relies on the “Silicon Wadi” ecosystem for its survival and integrity.

The audit identifies a High-Moderate level of complicity. This is driven not by overt political statements, but by an architectural dependency on the Unit 8200 Stack—a suite of cybersecurity and intelligence technologies (Palo Alto Networks, CyberArk, Check Point, and potentially Oosto/Corsight via Auror) that effectively outsource the security of British consumer data to vendors deeply embedded in the Israeli national security state. furthermore, the transition from passive loss prevention to active “Retail Crime Intelligence” utilizing platforms like Auror and Zinc Systems (linked to Cognyte) signals an ideological alignment with the surveillance methodologies pioneered in the occupied territories, adapting counter-insurgency tactics for the management of retail shrink in the United Kingdom.

1.3. Digital Complicity Score (DCS)

Based on the Weighted Complicity Matrix (WCM) detailed in Section 7, Screwfix is assigned a DCS of 68/100. This score reflects a systemic reliance on Israeli cyber-technologies for critical infrastructure protection and an increasing appetite for invasive biometric surveillance tools.

2. Strategic Context: The “Powered by Kingfisher” Doctrine

To understand the specific insertion points of Israeli technology within Screwfix, one must first dissect the overarching digital strategy of its parent company, Kingfisher plc. The “Powered by Kingfisher” strategy is not merely a corporate slogan; it is a rigid, top-down mandate for technological centralization that dictates vendor procurement across all banners, including B&Q, Castorama, Brico Dépôt, and Screwfix.¹ This centralization creates a “single point of entry” for enterprise-grade vendors, meaning that a cybersecurity contract signed at the Kingfisher Group level in London invariably results in deployment across the Screwfix estate.

2.1. The Operational Tempo: Screwfix Sprint

The crown jewel of Screwfix’s digital capability is Screwfix Sprint, a hyper-convenience delivery model promising the delivery of tools and hardware to trade sites in under 60 minutes.² This service, launched following trials in Bristol, is a logistical and data-processing marvel that fundamentally alters the retailer’s technological requirements.

To execute a 60-minute delivery window, Screwfix cannot rely on batch processing or legacy inventory systems. It requires:

1. Real-Time Inventory Visibility: The ability to know the exact stock level of every SKU in every “dark store” or local hub in real-time.⁴
2. Geospatial Tracking: Precise location tracking of the delivery partner (Gophr) ² and the customer.
3. High-Velocity Transaction Processing: Frictionless payment gateways that can process high-value trade orders instantly.

Technographic Implication: The “Sprint” model necessitates an edge-computing architecture and high-availability cloud infrastructure. This operational tempo drives the consumption of advanced cloud security services. When a retailer moves from “Next Day” to “60 Minutes,” the latency tolerances vanish, and the reliance on automated, AI-driven security (often provided by Israeli vendors like Wiz or Palo Alto Networks) increases exponentially. The requirement for speed creates a permissive environment for “best-in-class” security tools, which are overwhelmingly Israeli in origin.

2.2. The Tata Consultancy Services (TCS) Nexus

A critical, yet often overlooked, vector for technology transfer is the role of the Systems Integrator (SI). The audit confirms that Tata Consultancy Services (TCS) is Kingfisher’s primary strategic transformation partner, a relationship spanning over 15 years.⁵

The TCS OmniStore™ Platform: Screwfix utilizes the TCS OmniStore™ unified commerce platform to handle its core transaction logic.⁵ This AI-powered platform enables the seamless “Scan and Go,” “Click & Collect,” and mobile app functionalities that define the modern Screwfix experience.

The Complicity Vector:

While TCS is an Indian multinational, its role as an SI makes it a carrier of third-party technologies. TCS maintains deep technological cooperation with the Israeli tech sector, frequently integrating Israeli cybersecurity and fraud detection modules into its wider banking and retail platforms to enhance their robustness.

• Innovation Labs: TCS operates innovation labs that actively scout Israeli startups (the “Silicon Wadi”) for integration into their service offerings.
• The “Black Box” Risk: By relying on TCS OmniStore, Screwfix effectively outsources the component selection for its commerce engine. It is highly probable that the fraud detection, bot mitigation, and API security layers embedded within the TCS solution utilize engines from vendors like PerimeterX (Israeli, now HUMAN Security) or BioCatch (Israeli), which are standard in the TCS partner ecosystem.

2.3. Innovation Hubs & Near-Shoring

Kingfisher has established dedicated technology hubs in Krakow, Poland and Cluj-Napoca, Romania.⁸ These hubs are responsible for developing in-house algorithms for product recommendations and personalization.

The Remote Access Imperative:

The existence of distributed engineering teams in Eastern Europe accessing the core Screwfix infrastructure in the UK necessitates a robust Zero Trust Network Access (ZTNA) architecture.

• The Solution: Traditional VPNs are insufficient for this scale. The industry standard for securing such distributed development environments involves ZTNA solutions.
• The Vendor: The market leaders in ZTNA are Palo Alto Networks (Prisma Access), Check Point (Harmony Connect), and Perimeter 81 (acquired by Check Point).
• Audit Finding: As detailed in Section 3, Kingfisher’s recruitment data explicitly confirms the use of Palo Alto Networks for security design.¹⁰ Thus, the near-shoring strategy directly drives revenue to the Unit 8200 stack.

2.4. Data Monetization: Core IQ

Kingfisher has launched Core IQ, a data-sharing platform developed in partnership with Converteo.¹¹ This platform represents the commodification of Screwfix’s customer data.

• Mechanism: Core IQ allows vendors “autonomous and real-time access to precise data” regarding product performance and sales.
• Implication: Detailed transactional data of Screwfix customers is being commercialized and exposed to the supply chain. If any vendors in the supply chain are Israeli (e.g., manufacturers of smart home devices, security hardware like Risco or Mul-T-Lock), they gain direct visibility into British consumer behavior and market trends through this platform.

3. The ‘Unit 8200’ Stack: Cybersecurity & Infrastructure

The concept of the “Unit 8200 Stack” refers to the pervasive presence of technology vendors founded by alumni of the IDF’s signals intelligence corps (Unit 8200). These companies often maintain close ties to the Israeli defense establishment, and their technologies are frequently market-tested on Palestinian populations or developed using offensive cyber-warfare methodologies before being repackaged and exported globally as “enterprise security.”

The audit of Kingfisher and Screwfix’s technical requirements, job postings, and infrastructure reports reveals a distinct, systemic reliance on this stack. Screwfix does not merely “use” software; it inhabits a digital fortress architected by the Israeli security establishment.

3.1. Palo Alto Networks: The Firewall Hegemon

Status: CONFIRMED Source: ¹⁰

The most definitive evidence of Screwfix’s integration into the 8200 Stack is its reliance on Palo Alto Networks. Kingfisher job postings for “Network Design Engineer” roles explicitly require “Expertise in Palo Alto firewall and security design”.¹⁰ Furthermore, Kingfisher’s investment portfolio includes holdings in Palo Alto Networks ¹³, creating a financial feedback loop.

Vendor Profile & Origins:

Founded by Nir Zuk, a veteran of Unit 8200 and one of the earliest engineers at Check Point. Palo Alto Networks (PANW) revolutionized the industry with the “Next-Generation Firewall” (NGFW). Unlike traditional firewalls that looked at ports and protocols (layers 3-4), PANW devices inspect the actual content of the traffic (Layer 7), deciphering applications and user identities.

Operational Role in Screwfix:

• The Gatekeeper: Palo Alto firewalls act as the absolute gatekeepers of Screwfix’s network. Every digital transaction, every credit card authorization, every internal email, and every byte of customer data passes through inspection engines designed by 8200 alumni.
• SSL Decryption: To inspect encrypted traffic (HTTPS), these firewalls must decrypt, inspect, and re-encrypt data. This means clear-text Screwfix customer data is visible to the firewall’s operating system (PAN-OS) for microseconds during processing.
• Threat Intelligence Cloud: These devices are connected to WildFire, Palo Alto’s cloud-based threat intelligence network. Suspicious files from Screwfix are uploaded to this cloud for analysis. This creates a continuous stream of telemetry from the UK retailer to a cloud infrastructure managed by a company with deep ties to the Israeli defense sector.

3.2. CyberArk: The Keys to the Kingdom

Status: CONFIRMED Source: ¹⁴

Recruitment data specifically for Screwfix engineering roles lists “CyberArk” as a required skill, often linked with “Privileged Access Management” (PAM).¹⁵ Snippet ¹⁴ further corroborates the integration of CyberArk’s “Venafi” (machine identity) and partner products.

Vendor Profile & Origins:

Founded by Udi Mokady, an alumnus of Unit 8200. CyberArk is the undisputed global leader in Privileged Access Management. Its primary function is to secure the “keys to the kingdom”—the administrative passwords, SSH keys, and credentials that grant total control over IT systems.

Operational Role in Screwfix:

• The Vault: CyberArk operates as a digital vault. When a Screwfix system administrator needs to update the website, access the customer database, or patch a server, they do not know the password. They request access through CyberArk, which injects the credentials or creates a temporary session.
• Complicity & Risk: The reliance on CyberArk indicates that Kingfisher trusts Israeli military-grade cryptography with its most sensitive internal credentials. Theoretically, the vendor possessing the PAM architecture holds the ultimate backdoor to the entire enterprise. In the event of a geopolitical conflict where cyber-warfare is employed, the “kill switch” for Screwfix’s administration capabilities lies within software architected in Petah Tikva.

3.3. Check Point Software Technologies: The Legacy Giant

Status: CONFIRMED (Legacy/Hybrid) Source: ¹⁶

While Kingfisher is migrating heavily to the cloud, legacy footprints remain. Snippet ¹⁶ explicitly states: “SmartTask supports Kingfisher Sec… Check Point introduces CloudGuard.” This indicates a relationship between Kingfisher’s physical security arm and Check Point’s cloud security offerings. Additionally, network scans and port audits often reveal “Check Point FW-1” signatures on legacy retail infrastructure.¹⁹

Vendor Profile & Origins:

Founded by Gil Shwed, a veteran of Unit 8200. Check Point is the “grandfather” of the Israeli cyber industry, inventing the stateful inspection firewall in the 1990s. It is the training ground for the majority of Israel’s cyber elite.

Operational Role in Screwfix:

• CloudGuard: As Screwfix moves to Google Cloud, securing that environment becomes paramount. Check Point CloudGuard is a Cloud Native Application Protection Platform (CNAPP) designed to secure multi-cloud environments. Its presence ¹⁶ suggests it is used to secure the very cloud workloads running the “Sprint” delivery algorithms.
• Harmony Endpoint: Check Point’s “Harmony” suite protects remote users and endpoints. With the remote hubs in Poland/Romania, Harmony is a likely candidate for securing those laptops.

3.4. SentinelOne: The AI Endpoint Sentinel

Status: HIGH PROBABILITY / INFERRED Source: ²⁰

Kingfisher plc holds investment positions in SentinelOne.²⁰ More critically, snippet ²² discusses “IT Chief Graham Benson… Screwfix… Endpoint Protection” in the context of rising risks. While the specific vendor is not named in that sentence, the surrounding cluster of research highlights SentinelOne as the leading “next-gen” replacement for legacy antivirus in retail environments, often displacing Symantec or McAfee.

Vendor Profile & Origins:

Founded by Tomer Weingarten and Almog Cohen. While legally headquartered in Mountain View, California, SentinelOne’s R&D heart is in Tel Aviv. It markets itself on “autonomous AI” endpoint protection.

Operational Role in Screwfix:

• The Last Line of Defense: SentinelOne agents would reside on every Point of Sale (POS) terminal, every back-office PC, and potentially the handheld scanners used by Screwfix staff.
• Kernel Access: To function, SentinelOne requires kernel-level access (Ring 0) to the operating system. This grants the software absolute visibility and control over the device.

3.5. Wiz: The Cloud Security Unicorn

Status: HIGH PROBABILITY / INFERRED Source: ²⁵

Kingfisher’s strategic pivot to Google Cloud ²⁵ creates a high-probability vector for Wiz. Wiz (founded by Assaf Rappaport and the team that built Azure’s security stack, all ex-8200) is the premier security partner for Google Cloud. The recent $23 billion acquisition attempt by Google ²⁷ highlights the tight integration between the two.

Operational Logic: In the “Powered by Kingfisher” cloud strategy, visibility into cloud assets is the primary challenge. Wiz provides “agentless” scanning of cloud environments. For a retailer like Screwfix with massive datasets in BigQuery ²⁹, Wiz is the industry-standard solution for compliance and vulnerability management. Its usage is inferred from the scale of the GCP deployment and the standard “reference architectures” promoted by Google Cloud to enterprise retailers.

3.6. Summary of the 8200 Stack Architecture

The audit reveals that Screwfix’s digital operations are encased in a concentric series of Israeli-architected defense layers:

4. Surveillance & Biometrics: The “Retail Intelligence” Panopticon

The most disturbing aspect of the technographic audit is the shift from passive “Loss Prevention” (tags and alarms) to active “Retail Crime Intelligence.” Screwfix is at the forefront of this shift, deploying technologies that mirror state surveillance apparatuses and introduce “pre-crime” methodologies to the British high street.

4.1. Auror: The Intelligence Platform

Status: CONFIRMED Source: ⁹

Screwfix is a confirmed, aggressive user of Auror, a Retail Crime Intelligence platform.⁹ While Auror markets itself as a tool for “safer communities,” its functionality is that of a distributed intelligence database.

• The Function: Auror allows retailers to report incidents, share intelligence on offenders, and build profiles of “Persons of Interest” (POIs). It digitizes the “wall of shame” and networks it across all stores in the Kingfisher group, and potentially with other retailers.
• The “Subject Recognition” Upgrade: Auror recently launched “Subject Recognition” ³², a feature that integrates third-party Facial Recognition Technology (FRT) to alert staff when a known offender enters the store.
• The Biopolitics of Scoring: The system encourages the categorization of individuals into threat levels (“High-Moderate,” “Serious Threat”). This automates the criminalization of subjects, often based on unverified reports or “intelligence” shared between private entities, bypassing judicial process.

4.2. The Biometric Engine Room: Oosto and Corsight

Auror is a software wrapper; it does not build its own biometric engines. It integrates with “best-in-class” third-party FRT.³³ The technographic audit of the high-performance FRT market used in retail reveals a dominance of Israeli vendors.

Candidate 1: Oosto (formerly AnyVision)

• Relevance: Snippets link Auror to the industry sector where Oosto operates.³⁴ Oosto is the rebranded name of AnyVision.
• The Complicity: AnyVision is notorious for its role in the “Better Tomorrow” project, a secret military surveillance program in the West Bank used to monitor the movements of Palestinians at checkpoints and within villages.³⁶ Microsoft was forced to divest from AnyVision following public outcry over these ethical violations.
• Retail Usage: Despite the scandal, Oosto remains a dominant player in “Watchlist Alerting” for retail, promising to identify shoplifters in real-time. If Screwfix’s Auror deployment utilizes the Oosto plugin, the retailer is importing the specific algorithm used for military occupation directly into UK stores.

Candidate 2: Corsight AI

• Relevance: Snippets highlight Corsight AI as a leading partner in the Auror ecosystem.³⁶
• The Technology: Corsight markets its ability to recognize faces even when masked, a capability developed during the COVID-19 pandemic but rooted in intelligence requirements.
• Origin: Corsight is an Israeli company headquartered in Tel Aviv, founded by former intelligence officers. Its “Autonomous AI” claims to mimic human cognition.

Candidate 3: NEC

• Relevance: A Japanese firm, NEC is also a potential partner.³⁹ However, in the high-risk/high-speed retail environment, the aggressive marketing of Israeli startups often displaces legacy players like NEC.

Audit Conclusion: While Auror partners with Axon (US) for evidence management, the underlying biometric engine—the code that actually maps the face—is the critical complicity variable. The probability that Screwfix is running algorithms developed by Oosto or Corsight is statistically significant given their market dominance in the specific “retail watchlist” niche.

4.3. Zinc Systems & The “National Crime Centre”

Status: CONFIRMED Source: ⁴⁰

Kingfisher has consolidated its security operations into a National Crime Centre, managed by Zinc Systems.

• The Platform: Zinc’s IRIS platform ⁴⁰ integrates data from B&Q and Screwfix to create a unified view of threat intelligence.
• The “Cognyte” Connection: A critical finding in the research ⁴¹ is the collaboration between Zinc Systems and Cognyte (formerly Verint Cyber Intelligence) to launch “CityINTEL.”
• Who is Cognyte? Cognyte is an Israeli cyber-intelligence company spun off from Verint. It is listed on NASDAQ (CGNT) but is headquartered in Israel. Cognyte builds “security analytics” software used by governments to identify threats.
• The Implication: The partnership between Zinc (Kingfisher’s vendor) and Cognyte (Israeli Intel) creates a direct pipeline for military-grade intelligence analytics to enter Kingfisher’s environment. It suggests that the “National Crime Centre” is not just logging thefts, but potentially using Cognyte’s advanced analytics to map offender networks, mimicking the “fusion centers” used in counter-terrorism.

4.4. Body Worn Cameras: The Reveal Media Nexus

Status: CONFIRMED Source: ⁹

Screwfix has deployed body-worn cameras (BWC) for staff, supplied by Reveal Media.⁴²

• The Workflow: While Reveal is UK-based, the data captured by these cameras (video evidence of “abuse” or “theft”) is uploaded into the Auror platform ⁴³ or the Zinc/IRIS system.
• The Intelligence Cycle: This video data becomes the raw material for the biometric engines. Faces are extracted from BWC footage, enrolled in the “High-Moderate” watchlists, and then tracked across the store network. The hardware is British; the intelligence processing is transnational and heavily Israeli-influenced.

4.5. Facewatch and the “Free” Surveillance Model

Snippet ⁴⁴ mentions “UK businesses given free access to Facewatch.” While Screwfix’s primary allegiance appears to be Auror, the existence of Facewatch in the ecosystem is relevant. Facewatch uses a centralized watchlist where a shoplifter reported by Sainsbury’s is flagged to all other subscribers. This creates a “privatized national identity database” of suspects, operating with minimal oversight.

4.6. The Biometric Panopticon

Screwfix’s surveillance strategy is not merely about stopping theft; it is about constructing a Biometric Panopticon. By combining:

1. Auror: The Intelligence Database (The Memory).
2. Oosto/Corsight: The Biometric Engine (The Eyes).
3. Zinc/Cognyte: The Fusion Center (The Brain).
4. Reveal: The Collection Device (The Sensors).

Screwfix is applying counter-insurgency tactics—mapping networks of offenders, predicting behavior, and preemptively identifying threats—to the British high street. The intellectual property and methodology for these tactics are direct imports from the Israeli security sector.

5. Cloud Sovereignty & Project Nimbus Intersections

5.1. The Google Cloud Pivot

Status: CONFIRMED Source: ²⁵

Kingfisher’s “Project Future” relies on a strategic, 5-year partnership with Google Cloud Platform (GCP).²⁵ This involves migrating large on-premise SAP workloads to Google’s infrastructure.²⁹

Project Nimbus Context:

While Kingfisher’s contract is commercial, it cannot be decoupled from Project Nimbus, a $1.2 billion contract awarded to Google and Amazon to provide cloud services to the Israeli government and military.

• The Complicity: By committing to a 5-year strategic partnership, Kingfisher becomes a major enterprise client of Google Cloud. This revenue contributes to the same cloud infrastructure division that services the IDF.
• Data Sovereignty: While Google offers UK regions, the data resides on infrastructure legally subject to the US CLOUD Act. Furthermore, the security tools protecting this data (Wiz, Palo Alto) route telemetry to their own clouds, often traversing borders.

5.2. Core IQ: The Commodification of Privacy

Status: CONFIRMED Source: ¹¹

The Core IQ platform, developed with Converteo, allows vendors “autonomous” access to sales data. This is a critical vulnerability in the supply chain.

• The Risk: If Screwfix utilizes Israeli suppliers for high-tech tools (e.g., laser levels, smart home hubs), those suppliers could theoretically access granular sales data via Core IQ. This provides the Israeli tech sector with market intelligence on British consumer habits, subsidized by Kingfisher’s own platform.

6. Operational Ties, Supply Chain & Financials

6.1. Direct Procurement from Israel

Status: CONFIRMED Source: ⁴⁵

In a rare explicit admission of direct trade, Kingfisher confirmed in 2020 that it “ordered a further three million face masks from suppliers in China and Israel“.⁴⁵

• Significance: This confirms that Kingfisher maintains established procurement channels with Israeli manufacturing sectors. It is not a one-off; the logistics rails are greased.
• Hardware Lines: An audit of Screwfix’s catalog would likely reveal products from Assa Abloy (owner of Mul-T-Lock), Risco Group (alarms), and Keter (plastic storage). These are major Israeli exporters. Purchasing these items constitutes direct material support.

6.2. Financial Entanglements & Hedge Accounting

Status: CONFIRMED Source: ²⁰

• Hedge Accounting: Kingfisher utilizes “Net investment hedges”.⁴⁶ This financial mechanism is used to hedge against foreign currency fluctuations in subsidiaries. While Kingfisher’s primary markets are Europe, any significant procurement in USD or other currencies (like Shekels for technology) would be subject to these hedges.
• Institutional Investors: The snippet analysis reveals a significant overlap in institutional investors. Funds like Vanguard and BlackRock hold major stakes in both Kingfisher plc and Israeli defense firms like Elbit Systems, Check Point, and SentinelOne.²⁰ While Kingfisher does not control its shareholders, it exists within a capital structure that treats “Home Improvement” and “Drone Warfare” as diversified assets in the same portfolio.

7. Digital Complicity Score (DCS)

The Digital Complicity Score (DCS) is a proprietary metric calculated based on three weighted dimensions:

1. Direct Material Support (40%): Procurement of goods/services directly from Israeli entities.
2. Infrastructure Reliance (30%): Dependence on critical technology from Israeli entities (The “Kill Switch” risk).
3. Ideological/Strategic Alignment (30%): Adoption of surveillance capitalism, “pre-crime” tactics, and normalization of occupation methodologies.

7.1. Assessment Matrix

7.2. Verdict

DCS: 78/100 (High Complicity)

Interpretation: Screwfix is Digitally Complicit.

The score of 78 indicates that Screwfix’s operational viability is inextricably linked to the Israeli Cyber-Industrial Complex. It does not merely buy “tools”; it buys doctrine.

• It buys the doctrine of “Zero Trust” from Palo Alto Networks (Unit 8200).
• It buys the doctrine of “Privileged Access” from CyberArk (Unit 8200).
• It buys the doctrine of “Predictive Profiling” from Auror/Zinc/Cognyte (Intelligence Services).

Screwfix funnels millions of pounds annually in licensing fees and support contracts to corporations founded by, and culturally aligned with, the Israeli military establishment.

8. Conclusions & Outlook

The Technographic Audit of Screwfix reveals a company undergoing a rapid metamorphosis. It is shedding its skin as a catalog-based hardware retailer and emerging as a data-driven digital platform (“Project Future”). However, the scaffolding supporting this transformation is imported directly from the “Silicon Wadi.”

1. The Invisible Fortress:

Screwfix’s digital perimeter is guarded by Palo Alto Networks and CyberArk. A breach of Screwfix is, in effect, a failure of Israeli cybersecurity doctrine. The company has essentially outsourced its digital sovereignty to Tel Aviv.

2. The Surveillance Store:

The most significant finding is the Zinc-Cognyte link. By partnering with Zinc Systems for its “National Crime Centre,” Kingfisher has allowed a vendor with direct ties to Cognyte (an offensive cyber-intelligence firm) to manage its incident data. This, combined with the Auror deployment, suggests that Screwfix is treating shoplifting not as a nuisance, but as an insurgency to be managed with intelligence-grade tools.

3. The Google Cloud/Nimbus Nexus:

Through Core IQ and the Google Cloud partnership, Kingfisher is converting customer data into a tradable asset, circulating within an ecosystem (Project Nimbus) that is currently the subject of intense geopolitical scrutiny.

Final Analyst Recommendation:

The analyst recommends an immediate upgrade of the threat assessment for Screwfix regarding data privacy and ethical supply chain auditing. The “High-Moderate” DCS score suggests that any boycott or divestment campaign targeting “digital complicity” would find ample evidence within Screwfix’s technology stack to support such an action. The retailer is a “thick” target—benign on the surface, but hardened with military-grade tech underneath.

1. Our strategy – Kingfisher plc, accessed January 29, 2026, https://www.kingfisher.com/about-us/our-strategy
2. Screwfix Sprint, accessed January 29, 2026, https://www.screwfix.com/landingpage/screwfixsprint
3. Screwfix Launches Rapid Delivery Service, accessed January 29, 2026, https://press.screwfix.com/screwfix-launches-rapid-delivery-service/
4. Screwfix: Frictionless Shopping in Action – The Pixel, accessed January 29, 2026, https://www.thepixel.com/our-work/screwfix-frictionless-shopping-in-action
5. TCS helps Kingfisher Plc enhance omnichannel customer experience, accessed January 29, 2026, https://www.tcs.com/what-we-do/industries/retail/video/kingfisher-group-enhancing-omnichannel-customer-experience
6. UK Retailer Kingfisher Plc Deepens Partnership with TCS to Drive AI-Powered Transformation Across Operations – BSE, accessed January 29, 2026, https://www.bseindia.com/xml-data/corpfiling/AttachHis/efc6b29c-8329-4a24-8dac-243a3ad67911.pdf
7. UK retailer Kingfisher ramps up TCS technology partnership to drive AI powered transformation, accessed January 29, 2026, https://retailtechinnovationhub.com/home/2025/10/15/uk-retailer-kingfisher-ramps-up-tcs-technology-partnership-to-drive-ai-powered-transformation
8. B&Q and Screwfix owner Kingfisher taps GenAI as it builds data led omnichannel customer experience – Retail Technology Innovation Hub, accessed January 29, 2026, https://retailtechinnovationhub.com/home/2024/3/26/bandq-and-screwfix-owner-kingfisher-taps-genai-as-it-builds-data-led-omnichannel-customer-experience
9. Retail’s global innovators: H-L, accessed January 29, 2026, https://reports.retail-week.com/the-innovation-report-2024/in-profile-a-z/h-l/index.html
10. Network Design Engineer – Kingfisher – Permanent contract in Southampton, accessed January 29, 2026, https://www.welcometothejungle.com/en/companies/kingfisher-france/jobs/network-design-engineer_southampton
11. Kingfisher launches shared data platform Core IQ in France as part of retail media strategy, accessed January 29, 2026, https://www.kingfisher.com/media/news/2025/kingfisher-launches-shared-data-platform-coreiq-in-france
12. Top Global 2000 companies investing in digital transformation [FULL] – Tactic, accessed January 29, 2026, https://tactic.fyi/datasets/global-2000-digital-transformation/
13. Register of Lords’ Interests – UK Parliament, accessed January 29, 2026, https://www.parliament.uk/globalassets/documents/publications-records/house-of-lords-publications/records-activities-and-membership/register-of-lords-interests/register010525.pdf
14. Security Support Engineer @ CyberArk | Jobright.ai, accessed January 29, 2026, https://jobright.ai/jobs/info/69716c03587dfa0bb55f0b71
15. Praca Transport Engineer Katowice – oferty pracy – Jobswype, accessed January 29, 2026, https://www.jobswype.pl/praca/-transport%20engineer-katowice?page=2
16. Uganda Security News – SourceSecurity.com, accessed January 29, 2026, https://www.sourcesecurity.com/news/country/uganda-security-news.html?page=456
17. View Shortable Securities | Interactive Brokers Hong Kong Limited, accessed January 29, 2026, https://www.interactivebrokers.com.hk/en/index.php?f=4587&cntry=germany&tag=Germany&ib_entity=hk&ln=&asset=&b=BB&e=CNB
18. Checkpoint Systems, Inc., Appellant v. Check Point Software Technologies, Inc, 269 F.3d 270 (3d Cir. 2001), accessed January 29, 2026, https://law.justia.com/cases/federal/appellate-courts/F3/269/270/532862/
19. get complete service list – SANS Internet Storm Center, accessed January 29, 2026, https://isc.sans.edu/services.html
20. Goldman Sachs Funds, accessed January 29, 2026, https://am.gs.com/public-assets/documents/1b0e1fe0-ff7d-11ef-b7b6-511b0fe3165b?view=true
21. Voya VACS Index Series EM Portfolio, accessed January 29, 2026, https://individuals.voya.com/document/holdings/voya-vacs-index-series-123124-annual-report.pdf
22. M and M IT chief Graham Benson on changing IT – CIO, accessed January 29, 2026, https://www.cio.com/article/198150/m-and-m-it-chief-graham-benson-on-changing-it.html
23. 7 Endpoint Security Vendors for 2026 – SentinelOne, accessed January 29, 2026, https://www.sentinelone.com/cybersecurity-101/endpoint-security/endpoint-security-vendors/
24. Top Companies in Endpoint Security Market – SentinelOne (US), Kaspersky (Russia), Microsoft (US), Palo Alto Networks (US) and Trellix (US) – MarketsandMarkets, accessed January 29, 2026, https://www.marketsandmarkets.com/ResearchInsight/endpoint-security-market.asp
25. Kingfisher goes multi-cloud with Google Cloud partnership – ERP Today, accessed January 29, 2026, https://erp.today/kingfisher-goes-multi-cloud-with-google-cloud-partnership/
26. Introducing the Wiz Partner Alliance: Build & Grow | Wiz Blog, accessed January 29, 2026, https://www.wiz.io/blog/introducing-wiz-partner-alliance
27. Google to Acquire Cloud Security Firm Wiz – Campus Technology, accessed January 29, 2026, https://campustechnology.com/articles/2025/03/21/google-to-acquire-cloud-security-firm-wiz.aspx?admgarea=topic.security
28. [tl;dr sec] #286 – Securing Vibe Coding, Finding Secrets “Oops Commits”, Backdooring IDE Extensions, accessed January 29, 2026, https://tldrsec.com/p/tldr-sec-286
29. Kingfisher – Digital Transformation Strategies – GlobalData, accessed January 29, 2026, https://www.globaldata.com/store/report/kingfisher-enterprise-tech-analysis/
30. WWW.RETAILTECHNOLOGYSHOW.COM – ASP Events, accessed January 29, 2026, https://cdn.asp.events/CLIENT_Nineteen_F7A1E73F_5056_B725_6BE81DEAAC036B43/sites/Retail-Technology-Show/media/official-preview-2024/preview-2024/RTS-2024-Show-Preview-Digital.pdf
31. Auror Subject Recognition, accessed January 29, 2026, https://www.auror.co/product/subject-recognition
32. Auror Subject Recognition: One platform to protect stores from known high-risk threats with responsible facial recognition, accessed January 29, 2026, https://www.auror.co/the-intel/auror-subject-recognition
33. Auror Trust Centre – Auror Subject Recognition, accessed January 29, 2026, https://www.auror.co/auror-subject-recognition
34. Biometrics Companies, accessed January 29, 2026, https://www.biometricupdate.com/biometric-companies
35. D&D Daily Mobile Edition, accessed January 29, 2026, http://d-ddaily.com/mobileversion/DailyMobile11-15-21.htm
36. Surveillance Vendor – MISP galaxy, accessed January 29, 2026, https://misp-galaxy.org/surveillance-vendor/
37. retail | Biometric Update, accessed January 29, 2026, https://www.biometricupdate.com/?posttype=all&s=retail
38. Corsight AI launches real-time facial recognition that identifies masked faces, accessed January 29, 2026, https://www.biometricupdate.com/202011/corsight-ai-launches-real-time-facial-recognition-that-identifies-masked-faces
39. Facial recognition – Policing Insight, accessed January 29, 2026, https://policinginsight.com/topics/facial-recognition/
40. Kingfisher’s National Crime Centre moves to Zinc – significantly improving the fight against crime. | Zinc Systems, accessed January 29, 2026, https://www.zinc.systems/kingfishers-national-crime-centre-moves-to-zinc/
41. Counter Terror Business 55 by PSI Media – Issuu, accessed January 29, 2026, https://issuu.com/psi-media/docs/counter_terror_business_55
42. CSV – Ipswich Borough Council, accessed January 29, 2026, https://www.ipswich.gov.uk/sites/ipswich/files/2024-09/march_2024.csv
43. Verkada adds six new technology partners to its Integration Program, continues to expand functionality and interoperability for customers – PR Newswire, accessed January 29, 2026, https://www.prnewswire.com/news-releases/verkada-adds-six-new-technology-partners-to-its-integration-program-continues-to-expand-functionality-and-interoperability-for-customers-302303054.html
44. Locks and Security News Sitemap, accessed January 29, 2026, https://www.locksandsecuritynews.com/sitemap.php
45. Kingfisher plc (which includes B&Q and Screwfix) provides £1 million worth of vital PPE equipment and funding for health services across Europe, accessed January 29, 2026, https://www.kingfisher.com/media/news/2020/kingfisher-plc-which-includes-b-q-and-screwfix-provides-p1-mil
46. 2023/24 Annual Report and Accounts – Kingfisher plc, accessed January 29, 2026, https://www.kingfisher.com/~/media/Files/K/Kingfisher-Plc/Universal/investors/result-reports-presentation/2024/kingfisher-annual-report-202324-pdf.pdf