220). As a result, all businesses are tirelessly working irrespective of their size to ensureinformation technology is embraced in their firms. They are also dearly investing to secure theinformation as they have realized the value of information as it is the asset with is verychallenging to acquire and maintain (Cavusoglu et al, 2015 p.390). ebay Inc. which is a e-commerce company based in San Jose, California is heavily investing in information security tomaintain its notable success story since its formation in 1995 by Pierre Omidyar. The company is
STRATEGIC INFORMATION SECURITY 5has adopted sophisticated information security measures since it is a multinational corporation toensure the integrity of its data is not compromised. The adopted information security measuresare meant to have their information security systems tamper-proof thus ensuring its reputation ismaintained.ebay Inc. Company Information Technology Security PersonnelIn the multinational e-commerce corporation, the information technology of the entire companyis led by the Chief Information Security Officer. The chief information security officer in ebayInc. is bestowed with the responsibility of formulating reliable and efficient information securitypolicies and processes which are satisfying to both the company leadership, companystakeholders and even the customers (Siponen et al, 2014 p.218). This calls for the chiefinformation security officer to develop an information security management system which iseffective and has the power of inspiring consumer confidence in the ebay Inc. goods andservices. In addition, the formulated information security policies and procedures should beconsumer oriented, comply to the various standards regulatory as well as tamper-proof in natureto ensure security of the company’s data is guaranteed. Considering cybercrime is undergoingconstant transformation day in day out thus making the predictability of the anticipated forms ofcybercrimes difficult, the developed information security measures by the ebay Inc. CISO shouldbe flexible in nature to ensure it can effectively deals with the constantly evolving types ofcybercrimes (Siponen et al, 2014 p.220). It is also the duty of the chief information securityofficer to head extension and research programs to establish emerging trends in the informationtechnology sector for projection purposes. The CISO is as well supposed to conductenlightenment programs on information security among the company employees. The programs
STRATEGIC INFORMATION SECURITY 6help in remarkably reducing cases of accidental security breaches due to poor informationhandling by the employees (Siponen et al, 2014 p.221). They also promote accountability amongthe company workers.