Description
Now that you have a better understanding of various aspects of organizational behavior from the reading in the previous step, select an organization from this Organization Description list. The descriptions include an overview and key information about the organization, as well as information about a breach or attempted breach. Also, read this cybersecurity field overview; be sure you consider how each of the nine roles do or could apply as you review the case study. Your team can choose one of these cases or look for other options.
In response to the case study, your team will write an instructive white paper (6 – 8 pages) that analyzes a company's management and leadership environment in a particularly challenging period. Your paper should:
- review the issues of the case study as background for the events relating to the role of the leadership and teams
- analyze the leadership practices of the organization in the case study, and define the practices that leaders used to create collaborative and successful teams, or failed to effect successful working relations resulting in negative conditions
- analyse the impact of the most relevant one or two of the nine cybersecurity role listed in the overview above
- propose remedial principles and practices that the organization might adopt to enable a better outcome
After the paper is written, you will create a one-page executive summary of the paper.
Company facts: EBay administers e-commerce platforms that connect buyers with sellers of general merchandise. Two of its affiliated companies are PayPal and StubHub. There are about 11,600 employees at eBay, and the company in 2015 reported an annual revenue of $8.9 billion.
Leadership: Devin Wenig is president and CEO.
Mission/vision: "Our mission is to be the world's favorite destination for discovering great value and unique selection."
The breach: Between February and March 2014, eBay experienced a database breach that went undetected for almost three months. The compromised information included encrypted passwords and other personal information about the customer, but no financial information. In addition, researchers at New York University discovered later in 2014 that a site user could see a buyer's private purchases. Other cross-scripting vulnerabilities have been reported. A class action lawsuit filed against the company after the initial breach was dismissed in 2015.
EBay. (2016). Who we are. Retrieved from https://www.ebayinc.com/our-company/who-we-are/
Kelly, G. (2014, May 21). eBay suffers massive security breach; all users must change their passwords. Forbes. Retrieved from http://www.forbes.com/sites/gordonkelly/2014/05/21...
Kline, D. (2014, July 22). Latest eBay data breach shows deeper security concerns than reported. Motley Fool. Retrieved from http://www.fool.com/investing/general/2014/07/22/l...
Kovacs, E. (2016, January 12). XSS flaw exposed eBay users to phishing attacks. SecurityWeek. Retrieved from http://www.securityweek.com/xss-flaw-exposed-ebay-...
Schwartz, M. J. (2015, May 5). eBay breach-related lawsuit dismissed. BankInfo Security. Retrieved from http://www.bankinfosecurity.com/ebay-breach-relate...
Yahoo! Finance. (2016). eBay Inc. Retrieved from https://finance.yahoo.com/q/ks?s=EBAY+Key+Statisti...
Explanation & Answer
Attached.
Cybersecurity Management in the eBay Hack – Outline
Thesis statement: This essay examines the 2014 eBay database breach from a cybersecurity
perspective and how the company’s leadership had addressed the issue.
I.
Introduction
II.
eBay Case Study Background
A. Company Background
B. The eBay Hack
III.
The Leadership Practices of the Organization
IV.
Impact of Two of the Nine Cybersecurity Roles
V.
Remedial Practices
VI.
Conclusion
Running head: EBAY HACK
1
Cybersecurity Management in the eBay Hack
Name
Institution
EBAY HACK
2
Cybersecurity Management in the eBay Hack
Introduction
The information and communications technologies industry has been advancing at a rapid
speed while their demand and use has been widening. In the modern world that we are living
now, the Internet has become a critical aspect of our daily lives. The advantages of ICT have
expanded. But so are the risks and dangers linked with their usage. Cybercrimes have increased
at an alarming rate, including phishing and Internet fraud. To address these concerns,
governments and organizations are strengthening their cybersecurity all over the world. In this
regard, organizational leaders have to evolve in their roles to coordinate efforts to ensure that the
organization’s assets are protected. This is especially critical for e-commerce organizations such
as eBay. eBay experienced a security breach that risked sensitive information in early 2014. This
essay examines the 2014 eBay database breach from a cybersecurity perspective and how the
company’s leadership had addressed the issue.
eBay Case Study Background
Company Background
eBay Inc. is the name of a global e-commerce company headquartered in San Jose,
California. eBay was established in 1995 by its founder Pierre Omidyar. The company, along
with other sites such as Amazon, is one of the success stories of the dot-com era. eBay currently
maintains a website which allows consumers to sell goods to other consumers and businesses to
other businesses (EBay, 2016). It is, in other words, an online auction and shopping corporation
where customers and businesses trade in a wide range of products and services across the world.
Aside from facilitating auctions, however, eBay has expanded into other businesses such as its
online ticketing business StubHub, its eBay Classifieds, and online money transfers through
EBAY HACK
3
PayPal (which it owned until 2015). eBay is currently a multi-billion dollar company which
reported annual revenue of USD 8.97 billion in 2016 (Yahoo! Finance, 2016). It has a presence
in over 30 countries. Its notable leaders are Thomas J. Tierney as its Chairman and Devin Wenig
as its CEO.
The eBay Hack
In May 2014, it was reported that eBay’s online systems were hacked. eBay’s main
database became the victim of a huge cyberattack that risked its primary database that stores user
passwords. The reports stated that there was no indication that the hack led to unauthorized
activity for the company’s users as well as no indication of an unauthorized breach of user
financial information which is held in different encrypted files (Kelly, 2014). But the hackers
accessed customer details including the names, addresses, telephone numbers, and passwords.
The breach originated from hackers hacking a tiny fraction of staff log-in details which allowed
them to access the company’s corporate systems.
The curious thing was that the hack took place between February and March but was not
discovered until early May. The eBay hack was dis...
Review
Review
