The Institute for Information Security & Privacy (IISP) – Georgia Tech’s eleventh interdisciplinary research institute – launched in Fall ’15 and since has leveraged intellectual capital from seven units across Georgia Tech in profound new ways.

“We believe few other universities are tackling cybersecurity research with the breadth and depth of Georgia Tech,” says Wenke Lee, co-director of the IISP and the John P. Imlay Chair II in Software for the School of Computer Science.

The inaugural year began by dissecting and defining Georgia Tech’s cybersecurity capacity, then creating new experiences for students, faculty and industry to coalesce around solutions. Astounding truths were revealed: cybersecurity research at Georgia Tech spans six critical thrusts, nine labs, and more than 460 researchers. Cybersecurity no longer is just a computer programmer’s problem; it is an urgent concern for disciplines as diverse as public policy, business, defense and ubiquitous computing.

Legacy in Computer Science

The IISP builds upon the successful Georgia Tech Information Security Center (GTISC), that was established in 1998 in the School of Computer Science after the Sam Nunn Information Security Forum. Attendees determined that Georgia Tech's strengths in technology and policy warranted it to take a leading role in improved security research, education and more reliable computing.

 Ralph Merkle, former director of GTISC, remarked during the early years: “For the past couple of decades we have put up with buggy code, unreliable computers, insecure computers, and computers that are vulnerable to viruses, worms, spam and other problems. All of this has to change. We need to have reliable computers, systems and networks that we can trust."

That mission now has evolved beyond the College of Computing to include the Ivan Allen College of Liberal Arts, Scheller College of Business, Georgia Tech Professional Education, Office of Information Technology, and of course the Georgia Tech Research Institute and College of Engineering – both of which have deep roots in secure information transfer and device design.

Mission and Focus

Under the IISP, Lee says focus is intently on three areas: research, education and commercialization. Objectives include:

• Increasing by 50% the volume of cybersecurity research by 2020
• Expanding pathways into the Master’s of Information Security degree
• Producing 60 Ph.D. candidates in the next five years
• Developing at least five commercial start-ups from academic or applied research

Affiliated faculty of the IISP conducted research projects conservatively valued at $24 million in the past year alone. More than 1,100 individuals attended new events organized by the IISP. Eighteen industry partners were engaged -- global businesses such as British Petroleum, Intel and IBM; Atlanta-based companies, such as Norfolk Southern Railway and The Home Depot, and information security alumni, such as Ionic Security, and Pindrop Security.

One of the most exciting aspects of the IISP’s first year, Lee says, was the success of graduate Musheer Ahmed (Ph.D. CS ’16). Ahmed’s graduate research, under the advisement of Prof. Mustaque Ahamad, led him to win the IISP’s inaugural Demo Day Finale.

Ahmed and Ahamad have filed a provisional patent for “FraudScope” to help insurers mine healthcare data and calculate risk among a provider pool. They are continuing translational research to develop a solution that addresses growing healthcare fraud and ensures that more healthcare dollars go to patient care. In addition to keen interest from businesses and entrepreneurs across Atlanta, FraudScope has received $400,000 in funding from the prestigious Wallace H. Coulter Foundation and Georgia Research Alliance.

“This work is an example of how Georgia Tech will and should expand its cybersecurity leadership,” says Bo Rotoloni, co-director of the IISP and director of GTRI’s Information & Cyber Science Directorate. “Industry is hungry for solutions and Georgia Tech has them.”

Second Steps Begin

Looking ahead, the IISP already has a busy second year in play. It is organizing a two-day cybersecurity symposium in Atlanta with the French Embassy; sending speakers to premier conferences with the Association for Computer Machinery, the Department of Defense and Federal Reserve, and again hosting the popular Georgia Tech Cyber Security Summit. Under Ahamad, who serves as associate director of education and outreach for the IISP, it is assisting development of new professional education offerings, degree expansions, and scholarship opportunities to attract more to the field. Under Michael Farrell, associate director of attribution research for the IISP, the group is preparing large-scale projects that allow Georgia Tech to pioneer new scientific approaches to difficult cybersecurity problems.

“And that’s just the first quarter of the year,” Lee says. “We are truly forming into a gateway for faculty, students, scientists, government and industry – the place for national and international collaboration. It’s exciting.”

See highlights from the IISP's first annual report.