DePaul Becomes Biggest Private University to Go ‘Test Optional’ Applicants may choose to write essays that reveal ‘heart’

DePaul University will no longer require applicants to submit standardized-test scores for admission. The new policy, announced on Thursday morning, makes DePaul the largest private nonprofit university to go completely “test optional.”

Starting with applicants for the freshman class entering in 2012, students who choose not to submit ACT or SAT scores will write short responses to essay questions designed to measure “noncognitive” traits, such as leadership, commitment to service, and ability to meet long-term goals.

“Admissions officers have often said that you can’t measure heart,” said Jon Boeckenstedt, associate vice president for enrollment management. “This, in some sense, is an attempt to measure that heart.”

Mr. Boeckenstedt expects the change to encourage applicants with high grade-point averages but relatively low ACT and SAT scores to apply—be they low-income students, underrepresented minorities, or otherwise. Moreover, he and his colleagues believe the new admissions option will allow them to better select applicants who are most likely to succeed—and graduate.

A few years ago, DePaul incorporated noncognitive variables into its admissions process for the first time. Subsequent research convinced Mr. Boeckenstedt and his colleagues that those nontraditional measures did more than the ACT or SAT to predict the success of low-income and minority students at the university. “These are as good an additive predictor, and for some students, they’re a little better,” he said.

DePaul’s announcement is a reminder that the test-optional label now applies to a diverse mix of colleges. In 2008, Wake Forest University became one of the most-selective institutions yet to drop its testing requirements. Its decision affirmed that test-optional policies were not only for nonselective institutions or small liberal-arts colleges.

Now, DePaul will test the utility of alternative admissions requirements within a deep, diverse applicant pool. As one of the largest Roman Catholic institutions in the United States, DePaul enrolls about 16,000 undergraduates—more than three times as many as Wake Forest. DePaul began using the Common Application last fall, and as of this week, had received more than 16,000 applications (for a class of about 2,300 to 2,500). That’s a 42-percent increase over the number of applications DePaul had at the same point last year.

“Institutions find themselves moving in this direction for so many different reasons,” David H. Kalsbeek, DePaul’s senior vice president for enrollment management, said of the decision to change testing requirements. “But by any measure, we’re coming at this from a position of strength.”

In some corners of academe, test-optional policies have become synonymous with strategic positioning. Over the years, some admissions officials have decided to drop the ACT and SAT in hopes of attracting more applicants, increasing diversity, and—yes—improving their image in a competitive marketplace, where standardized-test scores are often a proxy for quality (applicants with lower test scores usually don’t submit them).

Yet Mr. Kalsbeek said DePaul’s decision to change admissions requirements had been informed by studies of institutional data as well as by concerns about the correlation between standardized-test scores and family income: “It’s a very student-centered strategy.”

 A Second Look at Tests

Application surges make presidents, trustees, and enrollment officials happy. But with big increases often come tough questions. In recent years, DePaul officials have grappled with two crucial ones: How should the institution balance its increasing selectivity with its traditional commitment to access? And how could it improve its retention and graduation rates, so that access and attainment go hand in hand?

Unlike some colleges that have stopped requiring the ACT and SAT, DePaul is broadly diverse. About two-fifths of its undergraduates are first-generation college students, and a tenth are graduates of Chicago’s public high schools. A quarter receive federal Pell Grants. Among the university’s many students whose first language was not English, a good number first spoke Polish.

Concerned that standardized tests were limiting access, however, DePaul officials began investigating noncognitive assessments several years ago. In 2008 the university added four short essay questions to its freshman application. Those questions were based on the research of William E. Sedlacek, a professor emeritus of education at the University of Maryland at College Park and author of Beyond the Big Test: Noncognitive Assessment in Higher Education.

Mr. Sedlacek has identified eight predictors of student success in college, including leadership experience, involvement in community service, and demonstration of knowledge acquired in a particular field. DePaul’s four essay questions were created to elicit responses that would allow trained readers to rate an applicant on each of those eight variables.

One question prompted applicants to describe a goal they had set for themselves and how they planned to accomplish it: “How would you compare your educational interests and goals with other students in your high school?” Another question said: “Describe a personal challenge you have faced, or a situation in which you or others were treated unfairly. How did you react to the situation and what conclusions did you draw from the experience? Were you able to turn to others for support?”

DePaul stopped requiring those questions last year, when it joined the Common Application, which asks students to write a personal essay of at least 250 words. Mr. Boeckenstedt said he worried about giving applicants too many essays (applicants had been told to write at least 100 words for each of DePaul’s four essay questions, but many wrote much more).

Nonetheless, officials were not ready to abandon the noncognitive questions for good. After all, they had been scrutinizing their testing requirements for years. At DePaul, high-school grades are by far the best predictor of success. Although ACT and SAT scores are also solid predictors, they provide little additional insight beyond what a student’s high-school transcript reveals, according to Mr. Boeckenstedt.

“It’s just double-counting, or confirming information we already have,” he said.

DePaul officials found that ACT and SAT scores were less reliable predictors of grades and academic progress—that is, of a student’s likelihood of completing a sufficient number of credit hours to progress toward a degree. When Mr. Boeckenstedt and his colleagues looked at their data, they found that the noncognitive variables were often better predictors of graduation than standardized-test scores were.

DePaul has yet to determine how many questions it will ask applicants to complete if they opt not to send their test scores, but the prompts will be similar to those it used previously. The university, which has described the test-optional program as a pilot project, plans to study the effects of the change over the next four years.

Mr. Boeckenstedt hopes the new policy will convince prospective students that their high-school record matters more than their performance on the ACT or SAT does. “Test scores are valuable for some things,” he said, “but the focus and obsession we have about them as a country is a little bit misplaced, if not a lot misplaced.”


By Eric Hoover Feb 17, 2011

How to Create a Cyber-aware Work Culture — Macate Group

If you didn’t get a chance to read our last blog, it gives you a look into the not-so- cybersecure world of the workspace and shares the Top 5 Cybersecurity Mistakes Employees make. In this follow-up post, we will share different ways that your company can create a cyber-aware community and teach employees about […]

via How to Create a Cyber-aware Work Culture — Macate Group

Early 1990’s Razorback Info

So if you are a Razorback football fan, and enjoy old nostalgic info.  These links will show you what it was like to be on the team in 1992 – right when they joined the SEC.  Enjoy.












Meet David Dworken, the teenager who hacked the Pentagon


Kid helps hack the Pentagon – sweet story. (reference).



Meet David Dworken, the teenager who hacked the Pentagon

Within 13 minutes of urging hackers to take their best shot at the Pentagon’s public websites, the US government’s first-ever bug bounty program had its first submission.

Just six hours later, hackers had already uncovered nearly 200 vulnerabilities in the Department of Defense’s networks.

Already a staple for companies such as Google and Facebook, the bug bounty program – which pays friendly hackers to do the sorts of things that recreational hackers might do for fun, and that criminals like to do for far more nefarious purposes – was so successful that Pentagon officials say that they are considering another bug bounty program for later this year. Other federal agencies, they add, would do well to follow their lead.

The chance to hack the feds drew a wide variety of comers, including David Dworken, 18, who has been a fan of bug bounty programs since middle school. He did it for the T-shirts initially.

“I probably spent about 20 hours on one because I thought they had a really cool t-shirt,” he says. “I thought it was pretty awesome that you could get free T-shirts in the mail.”

Mr. Dworken signed up for an account with HackerOne, a firm that runs bug bounty programs, and gravitated toward companies that offer “Hall of Fame” listings on their websites in lieu of cash for finding bugs.

On the Netflix website, for instance, Dworken found that he could create a URL “that could display and do whatever I wanted. I could send it to you and if you were signed into Netflix, I could steal your account information,” he says. “The fact that software engineers at Netflix are making sure that’s fixed is incredibly satisfying.”

Get Monitor cybersecurity news and analysis delivered straight to your inbox.

As he got more experience, he moved on to companies such as Uber, where he’s earned $8,000 finding four bugs, “which is amazing,” Dworken says. “I do this because I think it’s the right thing to do, but I really started to get to the point where I made a good chunk of change.”

Then, as he was getting a lift to school with his dad one morning, he heard about a bug bounty on National Public Radio. “We always listen to NPR in the car,” he says. It didn’t take long for Dworken to set off on his most intriguing challenge to date: Hacking the Pentagon.

Not long after learning about the program, he received an email from HackerOne, which was running the Pentagon’s bug bounty. They wanted him to participate. “I was shocked, and unbelievably excited,” he said.

There was just one snag. His Advanced Placement exams were happening at the same time. So he quickly got to work, reporting “four or five vulnerabilities within the first 12 hours of it opening,” then got back to his studies.

“They were the standard web security vulnerabilities that are on pretty much any website unless they have a really good web security team – or a bug bounty,” he said.

While these sorts of vulnerabilities are “shockingly common overall,” the fact that they existed until recently on DOD websites was striking to Dworken. “Now, it’s raised the barrier to hacking into the Pentagon, which is absolutely an amazing thing,” he says. “This may sound cheesy, but it’s a way to serve my country from the comfort of my computer.”

Defense officials are counting on this kind of patriotic spirit, and the cache of getting to hack, well, the Pentagon.

“A lot of hackers, like myself, will choose to help – and not just for the money, but for recognition. This is a historic program,” Kate Moussouris, currently an independent security consultant and former chief policy officer at HackerOne, told reporters in April. “The prestige of being part of the very first program for the US government is also commodity in and of itself.”

And that saves the Pentagon money – the bug bounty pilot program cost $150,000.

“It’s not a small sum but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us over $1 million,” said Defense Secretary Ash Carter.

The DOD paid $5 million over three years to one vendor, which found less than 10 vulnerabilities.

These public bug bounty programs do not throw open the Pentagon’s flood gates to let hackers poke around its Secret Internet Protocol Router Network, or SIPRNet, or even the sensitive-but-unclassified Non-Secure Internet Protocol Router Network, or NIPRNet.

Instead, these are programs to sweep up the admittedly low-hanging fruit – such as where to go rent canoes as part of a military recreation website – that offer all too enticing opportunities for “embarrassment through defacement,” as defense officials put it. The Pentagon runs roughly 450 of these websites.

In total, 1,400 eligible ethical hackers – otherwise known as “white hats” – were invited to take part in the program, and more than 250 of them found and submitted at least one vulnerability. Of these, 138 were found to be “legitimate, unique, and eligible for a bounty,” said Secretary Carter.

Equally important, by allowing outside hackers to find holes and vulnerabilities, it frees up the US military’s own cyberspecialists “to spend more time fixing them than finding them,” Carter added. “The pilot showed us one way to streamline what we do to defend out networks and correct vulnerabilities more quickly.”

The highest individual bounty was $3,500; the average was $588. The top-earning hacker made $15,000.

Dworken didn’t make any actual money, since other bug bounty hackers had already discovered the vulnerabilities he reported. But the experience made for good public service and a considerable resume builder.

He also got a trip to the Pentagon to meet Carter. “I’d never been to the Pentagon, despite living in DC and driving past it 10,000 times.”

This fall, he is headed to Northeastern University in Boston to study computer science, with a focus on cybersecurity. Before that, though, he’s spending a month this summer hiking the Appalachian Trail by himself. During that time, he says, “I’m mostly checking out of technology.”

Get Monitor cybersecurity news and analysis delivered straight to your inbox.