New Research Center to Combat Identity Theft

Stung by the unprecedented number of identify thefts and data losses that have occurred in recent months across academia, the private sector and the government, a group comprised of representatives from each of these areas has formed the Center for Identity Management and Information Protection.

To be based at Utica College in New York, the Center's founding partners are LexisNexis, IBM, the United States Secret Service, the Federal Bureau of Investigation, Carnegie Mellon University Software Engineering Institute's CERT/CC, Indiana University's Center for Applied Cybersecurity Research, and Syracuse University's CASE Center, as well as Utica College. According to the participants, this is the first effort of its kind.

The Agenda

The research will focus on the following topics:

• causes, early detection, and prevention of identity fraud and theft
• the evolving threat from cyber criminals, insiders and organized crime groups
• the impact and role of policy decisions, legislation and regulatory actions
• improvement of identity authentication systems to reduce fraud and improper payments, and protect national security
• the role of enabling technologies to protect information, facilitate privacy and share information.

The Center will be headed by Gary R. Gordon, professor of economic crime management at Utica College. The research agenda of the Center will be guided by the board of advisors of the college's Economic Crime Institute (ECI) and a research steering committee formed by the Center's partners.

First Project

For the Center's first research project, the Bureau of Justice Assistance, Office of Justice Programs and Utica College's CIMIP will examine current and emerging criminal groups that perpetrate identity theft fraud.

Practical applications in federal, state and local law enforcement training programs are expected, along with help for corporations developing prevention and detection strategies.

The Center "is a huge step in the right direction," said Ron O'Brien, senior security consultant at Sophos, who applauds the cooperation among the private, public and academic sectors. He hopes to see Sophos participate in the Center's activities in some capacity, he told the E-Commerce Times.

That said, more rigorous enforcement of fundamental protective measures will provide the greatest protection against identity theft, O'Brien emphasized.

"Most of the incidents of identity theft lately, at least anecdotally, have been cases of employees taking home laptops with sensitive information on them that were subsequently stolen," he said. In at least some of these cases, the thieves did not appear to realize the potential value of information on the laptops.

Short of developing a new level of encryption protection for such data, O'Brien said, instilling the need for better security practices in employees at government, university and private sector institutions -- and enforcing them -- are the best measures to take to protect consumers' data.