Programs

We design and deliver our programs and services with care, creativity, and expertise.

Individuals
Individuals
Organizations
Organizations
Entrepreneurs
Organizations

News & Media

Ideas

Publications

Community

Events

Who We Are

Our People

View all programs

Applications Open

LOCATION

HYBRID

COST

$2,800

Cybersecurity
& the Law

Understand cyber law, manage risks & navigate crises

In partnership with:

Register now
Register now

Cybersecurity & the Law: Risk Management in the Digital Economy

In today’s digital landscape, the risks to cybersecurity are ever-present and constantly evolving. As cyber threats become more sophisticated, the need for corporate leaders and legal professionals well-versed in the intricacies of cybersecurity and AI is paramount.

Our certificate program, Cybersecurity & the Law: Risk Management in the Digital Economy, launched in collaboration with Lincoln Alexander School of Law at Toronto Metropolitan University, is your shield against these risks. We empower our participants to navigate the legal complexities of cybersecurity, assess and manage risks, and provide expert guidance in crisis situations.

Upcoming Program Details: Sept. 12, 19, 28 & Oct. 3, 10 2025  I  5 weeks  I  Part-time  I  Hybrid

Who should attend?

Senior Leaders and Managers, Technology Team Leads, and In-House / Corporate Counsel

This certificate program is aimed at business professionals and mid- and senior-level lawyers who hold primary responsibility for advising corporations about integrating cybersecurity best practices into operations. This program fosters a deeper dive into understanding the legal implications of client cyber risks, including case law, and regulatory landscapes. Participants learn how to deliver legal advice during cybersecurity incidents and gain expertise in data protection mechanisms, crisis management and post-incident analysis.

 

Download Program Package

What you’ll learn

Upon completion, participants will have the knowledge and key competencies to support their ability to provide foundational advice on legal cybersecurity and privacy issues – from prioritizing operational action plans that help to avoid legal consequences, to mitigating liability while recovering from a cyber incident. Participants will be equipped to rapidly acquire and assess mission-critical information, formulate and implement action plans, effectively evaluate success and adapt accordingly, and function confidently as organizational advisors.

Understanding Technology in Contemporary Business​

Mode of Delivery: In-Person / Virtual

This module concentrated on understanding the vital intersection of technology and contemporary business. Participants delved into the client-based approach to cybersecurity needs, grasped the relevance of organizational missions and governance, explored technology infrastructure and data types, and analyzed threat and risk assessments. Interactive lectures, group activities, and scenario-based exercises enabled participants to define business contexts, map technology, and provide legal insights, strengthening their ability to align technology with legal considerations

Assessing Legal Risks in Cybersecurity

Mode of Delivery: Virtual

Online Module 2 zeroed in on assessing legal risks in the realm of cybersecurity. Participants identified legal implications related to client cyber risk, examined the information/data regulatory landscape encompassing privacy laws and data protection, and learned to provide relevant legal advice based on an organization’s cybersecurity posture. Through pre-recorded sessions, panel discussions, and case studies, attendees gained a comprehensive understanding of legal intricacies, enabling them to offer informed guidance.

Privacy, Data, and Information Protection​

Mode of Delivery: Virtual

In Module 3, the focus shifted to privacy, data, and information protection within the digital economy. Participants examined various types of data and their protection, explored regulatory requirements, and engaged in a case study exercise. By completing privacy impact assessments and evaluating compliance, participants developed the skills needed to advise organizations on data protection while navigating complex regulatory landscapes.

Supporting a Client in Crisis: Advising in Cybersecurity Incident Response​

Mode of Delivery: Virtual

Module 4 delved into the crucial role of legal counsel in supporting clients during cybersecurity crises. Participants learned about crisis management and communications, explored tools and techniques for advising clients in crisis, and engaged in a tabletop exercise to simulate a basic breach scenario. By understanding the incident response process, participants became better prepared to deliver legal advice and manage post-incident legal issues effectively.

Symposium: Legal and Ethical Challenges and Opportunities of AI in Cybersecurity

Mode of Delivery: In-Person (Ted Rogers School of Management) or Zoom

In this symposium, participants took a deep dive into AI in cybersecurity, examined the legal and ethical challenges, and explored how to integrate this emergent technology into practice. Participants gained practical insights through synthesizing exercises. Speakers included: John Comacchio, SVP and CIO, Teknion Sam Ip, Partner, Osler, Hoskin & Harcourt LLP Kristina Nauss, Chief Privacy Officer, Holt Renfrew Jake Effoduh, Assistant Professor Lincoln Alexander School of Law Cherlene Tay, Manager, Digital Governance Standards Development, Digital Governance Council

This symposium is accredited by the Law Society of Ontario for 5.5 hours of Substantive Content and 1 hour of EDI Professionalism Content.

Program Chairs

Imran Ahmad

Partner, Head of Technology, Co-Head of Information Governance, Privacy and Cybersecurity

Norton Rose Fulbright Canada LLP

Noemi Chanda

Partner, Data Protection and Privacy Leader, Cyber Risk

Deloitte LLP

What you'll gain on completion

LSO Accreditation

The Lincoln Alexander School of Law is an accredited provider with the Law Society of Ontario. A total of 35 hours and 45 minutes can be claimed. 

This program contains:

  • Substantive Content – 32 hours and 45 minutes
  • Professionalism Content – 2 hours
  • EDI Professionalism Content – 1 hour

Certificate of Program Completion

Attendees will receive a certificate upon completion of this program. Participants must attend all program modules and participate in small group and online activities to receive their certificate.

Register now
Program website

Group Discounts

Group discounts are available. Organizations sending 2-10 attendees are entitled to a 10% discount. For larger groups please get in touch for available discounts. If you wish to receive an invoice or to register as a group, please contact: LincolnLawPD@torontomu.ca.

Refund Eligibility

  • Full Refund: A full refund is available up to three weeks before the program start date.
  • Partial Refund: After the three-week period, a refund minus a $300 processing fee is available until the start date.
  • No Refund: No refunds are available once the program has begun.

Rogers Cybersecure Catalyst is Toronto Metropolitan University’s national centre for training, innovation and collaboration in cybersecurity.

Join the Catalyst community by subscribing to our newsletter

Stay connected and help shape the cybersecurity ecosystem.

© Rogers Cybersecure Catalyst

Accessibility

Terms Of Service

Notice of Collection

Register your interest

Imran Ahmad

Imran advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud computing, SaaS, strategic alliances, technology development, system procurement and implementation, technology licensing and transfer, distribution, open source software, and electronic commerce. As part of his cybersecurity practice, Imran works with clients to develop and implement strategies related to cyber threats. He advises on legal risk assessments, compliance, due diligence, security, and data breach incident preparedness and response. Imran often acts as “breach counsel” in the event of a cybersecurity incident, and has extensive experience in managing complex cross-border security incidents. He also provides representation in the event of an investigation, enforcement action or litigation. Imran is the author of Canada’s first legal incident preparation and response handbook Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management, 2nd Edition (LexisNexis, March 2021).

Noemi Chanda

Noemi is a Partner in Deloitte’s Data Protection and Privacy practice in Toronto. She provides privacy, data protection, and cyber strategy services for organizations seeking to deliver new and better services for their clients and the community, advising in the areas of regulatory compliance, data protection, information privacy, and risk management. She specializes in serving technology, healthcare, retail, and public sector clients participating in new initiatives that involve the collection or use of personal information.

Prior to Deloitte, she articled at Borden Ladner Gervais LLP and was a Visiting Researcher at the University of Washington Tech Policy Lab, where she looked at privacy in the context of the Internet of Things, AI, connected and autonomous vehicles, and robotics. Noemi holds a BA from the University of Waterloo, a Master’s in Economic Policy from McMaster University, and a law degree from the University of Toronto Faculty of Law. She is licensed to practice law in Ontario.