Georgia Tech is doubling down to discover, connect and solve the modern, cyber security threats by creating a first-of-its-kind interdisciplinary research institute (IRI).

The new Institute for Information Security & Privacy at Georgia Tech combines basic and applied research, expertise from Georgia Tech’s six unique colleges, and labs from the Georgia Tech Research Institute (GTRI). Georgia Tech unveiled the new IRI during its annual Cyber Security Summit on Oct. 28, 2015. 

Formalized as an organization on July 1, the new IRI will serve as a gateway to all cyber research activities at Georgia Tech. Within the Institute for Information Security & Privacy are GTRI’s Information & Cyber Sciences Directorate—the Cyber Technology and Information Security Laboratory (CTISL) and the Information and Communications Laboratory (ICL)—and the College of Computing’s Georgia Tech Information Security Center (GTISC), which authors an annual “Emerging Cyber Threats Report.” The Institute for Information Security & Privacy also draws subject matter experts from Georgia Tech’s College of Engineering, the Scheller College of Business and the Sam Nunn School of International Affairs.

Georgia Tech Executive Vice President for Research Stephen Cross sees the newest IRI as essential at a time when cyber threats by criminals and nation states are all too common.

“We have the academic foundational research and educational programs, the technology transfer and applied research that make a real impact with industry and government, and the ability to understand and study the broader, societal impact,” he said. “Cyber security work takes place in these three spheres, and the IRI has been built at the intersection of all three.”

Cyber research will focus on the six following areas:

• Privacy policy
• Consumer-facing privacy
• Attribution
• Risk
• Trust
• Cyber physical systems

Faculty from various colleges and GTRI steer each area, under the leadership of Co-directors Wenke Lee, College of Computing professor and recent director of GTISC, and Bo Rotoloni, GTRI deputy director of Information & Cyber Sciences.

Home to more than 200 research centers and laboratories, Georgia Tech has established several large-scale IRIs that focus on a single, core research area by bringing together a mix of researchers that span colleges, departments, disciplines and individual labs. Tech’s focus on maintaining online security and privacy will now become the 11th IRI, following electronics and nanotechnology, energy and sustainable infrastructure and national security, among others.

GTRI, generally considered the applied research unit within Georgia Tech, will both benefit from and provide a unique perspective to the basic research conducted within the academic units.

“The nature of cyber security is that you can get quickly into the applied aspect of research in the academic research sphere,” Rotoloni said. “The challenges don’t have to be theoretical. Real-world problems are prolific enough.”

The IRI, Rotoloni said, is a means to create a holistic and cohesive strategy across Georgia Tech. By combining the academic, policy and applied research strengths, the university as a whole will be better positioned to coordinate large-scale research projects, share support infrastructures for proposal and project management, coordinate faculty and research faculty hiring, and ultimately create a “one-stop shop” for both government and industry engagement.

“Security and privacy research really exists between both the applied side and the academic side of things,” Lee said. “Even the major industry players think so, as cyber security is not an abstract problem, like ‘energy’ or ‘environment.’ Students conducting research are working on the same problems as organizations like GTRI.”

The IRI will create a continuum of privacy and security research, Wenke said, closing this divide between the applied and basic research, allowing researchers to move seamlessly between the two.

“It’s natural for both ‘sides’ to work together,” Lee said. “Even though we also work on the real problems, the nature of the academic side is to get the solution deployable. That’s where GTRI excels.”

Other goals for the Institute for Information Security & Privacy include forming a professional master’s degree, as well as having researchers to present continuing education courses through Georgia Tech Professional Education (GTPE). Before the end of a five-year period, 60 doctoral students in privacy and security will graduate, and research programs will be in place for both undergraduate and high school students.

 “The IRI will assist GTRI in integrating some of the basic research going on in the College with our IRAD program,” Rotoloni said. “This will assist GTRI in developing more forward-looking projects which will help keep us out in front of current research.”

In moving beyond basic and academic research, the Institute for Information Security & Privacy will work to substantially contribute to both national and international policy conversations on privacy and security. GTRI’s relationships with national defense and intelligence community members, along with faculty who have regularly been asked to testify before Congressional committees, will assist in this goal.

“The policy impact aspect of this IRI is cemented with the inclusion of the Scheller College of Business and the Sam Nunn School of International Affairs,” Rotoloni said. “Each of these partners will construct a program for the IRI under their own umbrella, and make Georgia Tech increasingly more visible in overall policy discussions.”

With the three spheres—academic research, applied research and policy expertise—the Institute for Information Security & Privacy is positioned to become the go-to place for both industry and government for cyber security advice, support and solutions.

“Security is always a clear-and-present danger, as evident from challenges we have experienced,” Lee said. “We need to keep thinking ahead. This cross-campus partnership will do just that: Enable us to stay in front of the security challenges.”