Cullinane told a recent meeting of the Information Systems Security Association (ISSA) that, as part of the initiative, eBay increased its spending on IT security staff and programs, including cyber intelligence and botnet detection, according to a report by Paul Roberts with Kaspersky Lab’s Threatpost.
Cullinane noted that eBay, where he worked from December 2006 until May of this year, is a top target for cyber criminals. With 180,000 servers and 25 major platforms, eBay's online footprint is large. Prior to its security initiative, eBay had a Byzantine application infrastructure and poor visibility into malicious activity occurring within its network, he said.
During his tenure as eBay's CISO, Cullinane more than quadrupled the company's IT security budget from $10 million annually in 2006 to $48 million annually in 2011, he said. He was able to increase spending by tying security investments to the company's core business and showing the "business value" of security by estimating the cost of breaches and other security incidents to the organization, he related.