Certificate in Cybersecurity & the Law

Registration for the certificate has closed. To register your interest, click here

Cybersecurity & the Law: Risk Management in the Digital Economy

In today’s digital landscape, the risks to cybersecurity are ever-present and constantly evolving. As cyber threats become more sophisticated, the need for corporate leaders and legal professionals well-versed in the intricacies of cybersecurity and AI is paramount.

Our certificate program, Cybersecurity & the Law: Risk Management in the Digital Economy, launched in collaboration with Lincoln Alexander School of Law at Toronto Metropolitan University, is your shield against these risks.

We empower our participants to navigate the legal complexities of cybersecurity, assess and manage risks, and provide expert guidance in crisis situations.

Who should attend?

Senior Leaders and Managers, Technology Team Leads, and In-House / Corporate Counsel

This certificate program is aimed at business professionals and mid- and senior-level lawyers who hold primary responsibility for advising corporations about integrating cybersecurity best practices into operations. This program fosters a deeper dive into understanding the legal implications of client cyber risks, including case law, and regulatory landscapes. Participants learn how to deliver legal advice during cybersecurity incidents and gain expertise in data protection mechanisms, crisis management and post-incident analysis.

What you’ll learn

Upon completion, participants will have the knowledge and key competencies to support their ability to provide foundational advice on legal cybersecurity and privacy issues – from prioritizing operational action plans that help to avoid legal consequences, to mitigating liability while recovering from a cyber incident. Participants will be equipped to rapidly acquire and assess mission-critical information, formulate and implement action plans, effectively evaluate success and adapt accordingly, and function confidently as organizational advisors.

Module 1
Understanding Technology in Contemporary Business
Date & Time: Registration for this module has closed.
Mode of Delivery: In-Person / Virtual

This module concentrated on understanding the vital intersection of technology and contemporary business. Participants delved into the client-based approach to cybersecurity needs, grasped the relevance of organizational missions and governance, explored technology infrastructure and data types, and analyzed threat and risk assessments. Interactive lectures, group activities, and scenario-based exercises enabled participants to define business contexts, map technology, and provide legal insights, strengthening their ability to align technology with legal considerations
Module 1
Module 2
Assessing Legal Risks in Cybersecurity
Date & Time: Registration for this module has closed.
Mode of Delivery: Virtual

Online Module 2 zeroed in on assessing legal risks in the realm of cybersecurity. Participants identified legal implications related to client cyber risk, examined the information/data regulatory landscape encompassing privacy laws and data protection, and learned to provide relevant legal advice based on an organization's cybersecurity posture. Through pre-recorded sessions, panel discussions, and case studies, attendees gained a comprehensive understanding of legal intricacies, enabling them to offer informed guidance.
Module 2
Module 3
Privacy, Data, and Information Protection
Date & Time: Registration for this module has closed.
Mode of Delivery: Virtual

In Module 3, the focus shifted to privacy, data, and information protection within the digital economy. Participants examined various types of data and their protection, explored regulatory requirements, and engaged in a case study exercise. By completing privacy impact assessments and evaluating compliance, participants developed the skills needed to advise organizations on data protection while navigating complex regulatory landscapes.
Module 3
Module 4
Supporting a Client in Crisis: Advising in Cybersecurity Incident Response Date & Time: Registration for this module has closed.
Mode of Delivery: Virtual

Module 4 delved into the crucial role of legal counsel in supporting clients during cybersecurity crises. Participants learned about crisis management and communications, explored tools and techniques for advising clients in crisis, and engaged in a tabletop exercise to simulate a basic breach scenario. By understanding the incident response process, participants became better prepared to deliver legal advice and manage post-incident legal issues effectively.
Module 4
Symposium
Symposium: Legal and Ethical Challenges and Opportunities of AI in Cybersecurity

Date & Time: Registration for the symposium has closed.
Mode of Delivery: In-Person (Ted Rogers School of Management) or Zoom

In this symposium, participants took a deep dive into AI in cybersecurity, examined the legal and ethical challenges, and explored how to integrate this emergent technology into practice. Participants gained practical insights through synthesizing exercises. Speakers included: John Comacchio, SVP and CIO, Teknion Sam Ip, Partner, Osler, Hoskin & Harcourt LLP Kristina Nauss, Chief Privacy Officer, Holt Renfrew Jake Effoduh, Assistant Professor Lincoln Alexander School of Law Cherlene Tay, Manager, Digital Governance Standards Development, Digital Governance Council

This symposium is accredited by the Law Society of Ontario for 5.5 hours of Substantive Content and 1 hour of EDI Professionalism Content.
Symposium

Program Chairs

Imran Ahmad

Partner, Head of Technology, Co-Head of Information Governance, Privacy and Cybersecurity

Norton Rose Fulbright Canada LLP

Noemi Chanda

Partner, Data Protection and Privacy Leader, Cyber Risk

Deloitte LLP

Who you’ll learn from

Cherlene Tay
Manager
Digital Governance Standards Development, Digital Governance Council
Jake Effoduh
Assistant Professor
Lincoln Alexander School of Law
Kristina Nauss
Chief Privacy Officer
Holt Renfrew
Sam Ip
Partner
Osler, Hoskin & Harcourt LLP
Rajiv Gupta
Associate Head
Canadian Centre for Cyber Security
Murali Vigendran
Virtual CISO, Cyber Risk Researcher, Responsible AI SME, Gen AI Implementation
SigmaRed Technologies
James Stewart
CEO - Founder
TrojAI
Jeff Schwartzentruber
Sr. Machine Learning Scientist
eSentire
Sundeep Sandhu
Vice President, Cyber Security & CISO
Rogers Bank, Rogers Communications
Molly Reynolds
Partner
Torys LLP
Ruth Promislow
Partner
Bennett Jones LLP
Melanie Power
Detective Staff Sergeant, Manager Cyber Crimes Investigations Team
Ontario Provincial Police
Laurie Pezzente
Senior VP, IT Risk
RBC
Sarah Muttitt
Vice-President and Chief Information Officer
UHN
Charles Muggeridge
FleishmanHillard HighRoad
Author
Kevin Magee
CSO
Microsoft
Shurouq Hijazi
Director
KeyData Associates
Naveen Hassan
Associate General Counsel & Director, Privacy and Risk Management
The Hospital For Sick Children
Sunny Handa
Partner, Head of Technology, Co-Head of Information Governance, Privacy and Cybersecurity
Blakes
John Comacchio
Senior Vice President and Chief Information Officer
Teknion
Jason Ball
Vice President Legal
Rogers Communications
Imran Ahmad
Partner, Head of Technology, Co-Head of Information Governance, Privacy and Cybersecurity
Norton Rose Fulbright Canada LLP

What you'll gain on completion

LSO Accreditation

The Lincoln Alexander School of Law is an accredited provider with the Law Society of Ontario. See below the eligible hours you may claim.

This program contains:

  • Substantive Content – 32 hours and 45 minutes
  • Professionalism Content – 2 hours
  • EDI Professionalism Content – 1 hour

 

Total: 35 hours and 45 minutes

Certificate of Program Completion

Attendees will receive a certificate upon completion of this program. Participants must attend all program modules and participate in small group and online activities to receive their certificate.

Contact

For any questions about the program, please email Bernard Sandler at bsandler@torontomu.ca

Register your interest

Imran Ahmad

Imran advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud computing, SaaS, strategic alliances, technology development, system procurement and implementation, technology licensing and transfer, distribution, open source software, and electronic commerce. As part of his cybersecurity practice, Imran works with clients to develop and implement strategies related to cyber threats. He advises on legal risk assessments, compliance, due diligence, security, and data breach incident preparedness and response. Imran often acts as “breach counsel” in the event of a cybersecurity incident, and has extensive experience in managing complex cross-border security incidents. He also provides representation in the event of an investigation, enforcement action or litigation. Imran is the author of Canada’s first legal incident preparation and response handbook Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management, 2nd Edition (LexisNexis, March 2021).

Noemi Chanda

Noemi is a Partner in Deloitte’s Data Protection and Privacy practice in Toronto. She provides privacy, data protection, and cyber strategy services for organizations seeking to deliver new and better services for their clients and the community, advising in the areas of regulatory compliance, data protection, information privacy, and risk management. She specializes in serving technology, healthcare, retail, and public sector clients participating in new initiatives that involve the collection or use of personal information.

Prior to Deloitte, she articled at Borden Ladner Gervais LLP and was a Visiting Researcher at the University of Washington Tech Policy Lab, where she looked at privacy in the context of the Internet of Things, AI, connected and autonomous vehicles, and robotics. Noemi holds a BA from the University of Waterloo, a Master’s in Economic Policy from McMaster University, and a law degree from the University of Toronto Faculty of Law. She is licensed to practice law in Ontario.