2016 isaca scholarship competition.pdf
TRANSCRIPT
2016
Academic Scholarship Competition
1 ISACA Philadelphia
Competition Overview All submissions are DUE April 18th, 2016 Participants are to write an essay on one of the following topics. (See Pages 2-3 for more info):
1. Incident Detection and Response 2. Third Party Risk Management 3. Mobile Applications
Scholarships will be awarded to the top three submissions as decided by the Philadelphia ISACA Chapter Grants & Scholarships Committee. All decisions are final. This scholarship is a one-time award. All scholarship award winners will have their essay published on the Philadelphia ISACA website. All qualifying students who submit essays for consideration will receive a one-year membership to the ISACA organization.
What is ISACA? ISACA is a worldwide association of IS governance professionals. The aim of the Philadelphia Chapter is to sponsor local educational seminars and workshops, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout Philadelphia. Through the generous support of our members, the Philadelphia Chapter of ISACA is making $5,000 available for scholarships in 2016. To learn more about our organization and activities, please visit our web site at http://www.phillyisaca.org.
1st $2,500.00
2nd
$1,500.00 3rd
$1,000.00
2016
Academic Scholarship Competition
2 ISACA Philadelphia
Essay Topics Please select 1 out of the 3 topics below for your essay. Essay submissions will be evaluated based on main focus, relevance to the prompt provided, organization, understanding of subject, and grammar/mechanics. Topic #1: Incident Detection and Response Advanced, targeted attacks have become more widespread over the last few years, attracting the attention of governments, business executives, and the news. Of particular concern are advanced persistent threats (APTs). These covert and sophisticated attacks focus on gathering secret information over time as opposed to immediate financial rewards. In response, information security organizations are investing in APT protection products and revisiting their threat monitoring and detection strategies. Organizations around the world are struggling to find a comprehensive solution for APTs. Please discuss each of the following:
1) Characteristics of an APT and the difficulties with preventing these types of attacks 2) How security analytics can be used to understand and predict cyber attacks 3) Approaches for building a security architecture for APTs 4) Methods for responding to these security breaches
Topic #2: Third Party Risk Management In business, outsourcing involves the contracting out of a business process to another third party. Organizations often use outsourcing to reduce operating costs and increase focus on business core competencies. While this practice has been happening for several decades, high profile data breaches traced back to third party outsource vendors has brought this practice under intense scrutiny of regulators around the world. Home Depot’s 2015 data breach and the 2015 U.S. Office of Personnel Management data breach were both perpetrated using a third party’s log in credentials.
Please discuss each of the following:
1) The business advantages and risks associated with use of third party vendors 2) Develop a high level business case for establishing a Third Party Risk Management Program 3) How you would implement a Third Party Risk Management Program 4) Various approaches for measuring the effectiveness of Third Party Risk management activities
2016
Academic Scholarship Competition
3 ISACA Philadelphia
Topic #3: Mobile Applications Take a good look at your smartphone or tablet. What you are looking at is considered a disruptive technology. Disruptive technology? Really? Yes, these devices and their apps have had a major impact on the way we communicate in our personal lives and at work. The devices and more importantly the apps have replaced cell phones, PDAs and cameras and are quickly replacing garage door openers and televisions. Mobile apps for employees, business partners and customers may be cheaper and quicker to develop and deploy than full-blown enterprise applications, but they still must work securely and in concert with an organization's overall IT infrastructure.
Please discuss each of the following: 1) How mobile apps are changing and will continue to change the way businesses operate. 2) Revenue opportunities and security concerns (risks) associated with the use of mobile apps. 3) Approaches to addressing confidentiality, data integrity, and app availability risks. 4) Approaches to monitoring and reporting on these opportunities and risks.
2016
Academic Scholarship Competition
4 ISACA Philadelphia
Essay Submission Requirements Essays will only be accepted from graduate or undergraduate students who are enrolled
and in good standing in a full-time program at a higher education institution in Pennsylvania, Delaware, or New Jersey.
Only one essay per student will be considered.
Essays will be double-spaced and must include between 950 and 1000 words, excluding names, headers, and endnotes.
Essays should be submitted in a standard word processing format such as MS Word. When citing sources, essays must follow either the MLA or APA format and the essay must contain a reference page.
The essay will be submitted in English.
Essays must be submitted and received no later than April 18, 2016. Any entries received after this date will not be considered.
Students will be notified no later than May 30, 2016 of decisions on publication and award status.
All competition submissions must include a Cover Sheet (Form1), Student Certification (Form 2), and Academic Verification (Form 3).
Submissions not meeting the requirements defined above will be disqualified from the competition.
All essay competition entries along with the cover sheet, student certification and
academic verification forms must be submitted for consideration via e-mail to: [email protected]
2016
Academic Scholarship Competition
5 ISACA Philadelphia
FORM 1 COVER SHEET
Student’s Name:
Student’s Mailing Address:
Student’s Email Address:
Student’s Area of Study:
Student’s Year in School:
School Name:
School Address:
School Phone Number :
Department Head or Counselor’s
Name & Phone Number:
2016
Academic Scholarship Competition
6 ISACA Philadelphia
FORM 2 STUDENT CERTIFICATION
Certification: I hereby certify that the information provided in this application and during the application process is the original work of the applicant and is true and correct to the best of my knowledge. I have not knowingly withheld or misstated any facts or circumstances that would be relevant to the consideration of this application.
During the period that my essay submission is under consideration by the Philadelphia ISACA Chapter, I am also certifying that it has not been published elsewhere and is not being considered for publication elsewhere. _________________________ __________ Applicant Signature Date _________________________ Applicant Name (Printed)
2016
Academic Scholarship Competition
7 ISACA Philadelphia
FORM 3 VERIFICATION OF ACADEMIC STANDING
I ____________________ give my written permission and authorize the Philadelphia ISACA Chapter to contact my college or university and verify my current enrollment and academic qualifications as outlined below.
_________________________ __________ Applicant Signature Date
_________________________ Applicant Name (Printed)
Student and College Information
Student’s School ID#
Student’s Date of Birth
Student’s Major
Dates of Attendance
Expected Graduation Date
Student’s Phone Number
Name of College
College Office of Registrar Contact Name
College Office of Registrar Address
College Office of Registrar Phone Number
College Office of Registrar Fax Number