The Standoff IT Security Scholarship Program

The Standoff IT Security Scholarship Program aims to encourage and support students working towards degrees in fields related to computer security and information security. In the framework of the 2020 program, four (4) $1000 scholarships will be awarded. One (1) $1000 award will be granted for the best essay submission in each of the four prompt categories listed below.

Who can apply: Any undergraduate or graduate student working towards a degree in a field related to computer security and/or information security at an accredited academic institution.

Submission deadline: Wednesday, 14 November 2020, 11:59pm UTC

Submission guidelines:

  • Students may submit essays for one or more of the essay prompts listed below (1–4 essays total).
  • Each essay must contain 500–1000 words.
  • All submissions must be written in English.
  • To submit, complete the online submission form.
  • In your submission, please clearly indicate to which prompt each submitted essay corresponds.
  • Submissions must be sent to by the submission deadline listed above.

What is The Standoff?

The Standoff is a cyber-range launched by IT and information security experts with the aim of assuring secure future development of IT infrastructure.

The project provides a unique simulation testbed to demonstrate the possible impacts of cybercrime on the high-tech infrastructure of a modern city. In the framework of the competition, hackers and security experts will face off in an environment containing real-life elements of IT infrastructure submitted by organizations seeking to identify risks and weaknesses in their IT security systems.

This means that the virtual city of The Standoff contains the same elements (and accompanying vulnerabilities) as a real, genuine city: industrial facilities, power plants, banks, offices, mobile operators, transportation systems, sports infrastructure, and entertainment facilities, among others.

The competition will take place during November 12–17, 2020 and will be conducted fully online. For more information, please visit:

Essay Prompts

Prompt #1: Emerging Technologies and IT Security

Select an emerging technology that has not yet seen widespread implementation, but which promises expanded development and increased significance in the near future. Provide a brief description of the technology and of its use, then assess and analyze the security risks that it implicates.

You are encouraged to think outside the box when selecting a technology to write about; don't be afraid to get creative!

Prompt #2: Organizational Shortcomings in IT Security

Headlines reporting data leaks, compromised networks, and successful attacks by hackers have become a regular feature of our daily news cycle. It seems that all too often organizations—despite knowing ahead of time that their systems have not been properly secured—only begin shoring up gaps in their IT security once it's already too late.

Write an essay that assesses current organizational approaches to cybersecurity and answers the question: Why do organizations often address IT security vulnerabilities only after a breech occurs?

Prompt #3: Educational Shortcomings in IT Security

There are a large number of competitions and cybersecurity trainings available to IT security enthusiasts seeking to hone their skills. However, the majority leave much to be desired: in general, they do not contain genuine, real-life elements of IT infrastructure, nor do they involve real, human hackers implementing innovative exploits. Consequently, they do not provide an authentic training environment for professionals, and many junior cybersecurity specialists enter the field unprepared to face the real-world challenges that await them.

Write an essay that analyzes the shortcomings of IT security trainings and answers the question: Why is cybersecurity training not as authentic and robust as standard preparatory training for many other professions?

Prompt #4: Solutions in IT Security

Write an essay proposing one or more ideas for improving the field of cybersecurity. These proposals could be technical, organizational, educational, even political. What needs to happen to raise the field of IT security to a new standard of rigor, reliability, and efficacy?

Please address any questions to: