Forging an Intellectual Firewall

New Institute for Information Security & Privacy Set to Tackle Cyberdefense Challenges Worldwide

The Internet is essential to everyday life. But, almost constant attacks by cyber agitators threaten everyone who dares to go online and even the Internet itself. At a time when cyber threats are becoming more persistent and sophisticated, the Georgia Institute of Technology is fighting back with the new Institute for Information Security & Privacy (IISP) -- Georgia Tech’s eleventh interdisciplinary research institute and the first dedicated to cybersecurity.

The IISP represents new collaboration between the Georgia Tech Information Security Center (GTISC), Georgia Tech Research Institute’s (GTRI) information security labs, and four colleges across campus. It will help coordinate activities among nine cybersecurity labs and more than 200 researchers in all to create a single gateway to Georgia Tech expertise for business and governmental partners.

“Georgia Tech has a distinct advantage in the cybersecurity field in that our basic research and applied research organizations collaborate so closely,” said Wenke Lee, co-director of the IISP and former GTISC director. “The arrangement allows researchers who have been part of GTISC to continue investigating new emerging threats and developing new technologies while partnering with a broader range of disciplines, including policy, business, law, and other forms of engineering.”  

GTRI’s director of the Information and Cyber Sciences Directorate, Bo Rotoloni, serves as the IISP’s other co-director. Former GTISC Director Mustaque Ahamad, professor in the School of Computer Science, is IISP’s associate director for education outreach. Gregory Abowd, Regents’ Professor in the School of Interactive Computing, serves as IISP’s associate director for consumer-facing privacy.

The College of Computing established itself as a cybersecurity pioneer in 1998 with the launch of GTISC. The launch occurred in cooperation with the second annual Sam Nunn Policy Forum, hosted at Georgia Tech. Nunn, a longtime U.S. senator from Georgia, initiated the eponymous annual policy meeting to educate the public about critical issues confronting the nation.

“As the program for the Nunn Forum developed,” Ahamad said, “it became increasingly clear that Georgia Tech’s strengths in technology and policy, coupled with the pressing need for education and research in information security, meant that the Institute had a responsibility to lead in this area.”

And lead Georgia Tech has. GTISC, like other academic labs, began conducting a dynamic agenda of discovery-based research to explore new approaches to developing problems. Research wasn’t the only outcome. Tech’s cyber momentum also led to the creation of a Master of Science in Information Security in 2002.

“The MS degree program was launched to address the future need for professionals with deep knowledge of the cyber security field,” Ahamad said. “Many graduates like Dimitri Alperovitch [former McAfee VP and current CTO and co-founder of CrowdStrike], Chris Rouland [founder and CTO of Atlanta-based Bastille], and Vijay Balasubramaniyan [founder and CEO of Atlanta-based Pindrop Security] have gone on to become leaders in the field.”

Other signature GTISC initiatives followed, soon to be conducted jointly with GTRI. The Cyber Security Summit emerged in 2004, annually featuring top thought leaders exploring how to combat cyber threats. The widely respected annual Emerging Cyber Threats Report took off that same year and amplified Georgia Tech’s leadership in the cybersecurity industry.   

GTISC frequently partners with GTRI because of its designation as a University Affiliated Research Center (UARC) for the U.S. Department of Defense. Only 13 universities nationwide have received UARC accreditation.

The new IISP is the culmination of all this, nearly two decades of work in the field. The multidisciplinary institute is expected to double the resources Georgia Tech devotes to security and privacy research, both for its own sake and as a means of economic development. Multiple past discoveries have moved from the bench to the marketplace, including firms like Pindrop Security and Damballa. Tech’s commercialization track record is a major competitive advantage, Lee said.

“Entrepreneurial collaboration with or by faculty members enables us to maximize the impact of our discoveries,” Lee said. “Only when commercialized technologies are deployed and executed can they properly benefit the public. The IISP has the skills and experience necessary to help researchers capitalize on their discoveries.”  

Georgia Tech’s cybersecurity leadership extends far beyond campus labs. Many Yellow Jacket researchers, faculty, and alumni hold prominent appointments as cybersecurity officers and advisors for Congress and top federal officials, as well as leading corporations. Lee expects those advisors will play an important role in determining the future of cybersecurity via both policy and research discoveries.

“We lead at the intersection of cybersecurity and privacy, where many of the most pressing technical and policy issues will occur in coming years,” Lee said. “Georgia Tech is well positioned to set the tone for the future of cybersecurity.”