The Catalyst Cyber Clinic: Katie Gibson’s mission to protect Canada’s non-profits from cyber threats

Ritesh Kotak is a technologist, legal advisor, and media contributor whose career bridges public safety, emerging technology, and innovation. Raised in an entrepreneurial family and grounded in the food manufacturing industry, he developed a deep appreciation for business and tech-integration from an early age. After starting his professional career in policing, he spent over seven years specializing in cybercrime and public safety innovation—he then transitioned to working in Big Tech, driving initiatives in IoT, cybersecurity, and intelligence. Ritesh holds a Bachelor’s of Business Administration from the University of Toronto, a Master’s in Business Administration from the University of Edinburgh and a Juris Doctor from the University of Ottawa. He now practices law, advising on complex matters from cyber breaches to corporate litigation. He’s appeared twice before Canadian Parliamentary Committees as a subject matter expert on digital competitiveness, with his insights featured in national and global media.

Dr. Janos Botschner is the principal of HumInsight and a Senior Associate with the Community Safety Knowledge Alliance. Janos is a social scientist by training. He previously held senior positions in the broader public sector, including: as the founding director of a community-based research institute; as a civil servant; and as an academic administrator and adjunct graduate faculty member. He is a published author and applied researcher working at the intersection of issues impacting the safety and well-being of our communities and Canadian society. Janos recently led the multi-year Cyber Security in Canadian Agriculture initiative which was funded, in part, by Public Safety Canada. He currently co-chairs Agriculture and Agri-Food Canada’s Agriculture Cyber Security Working Group, comprised of stakeholders and experts from federal, provincial and territorial governments, academia and industry.

Sem is a former senior advisor to two Canadian Prime Ministers, represented Canada at the World Economic Forum and the G20 Youth Summit on cybersecurity. Developer of 30+ AI, cyber, privacy, and anti-human trafficking courses delivered through institutions across North America and Europe. Senior advisor and consultant to the UN Capital Development Fund, EU, various government departments federally, provincially, municipally, not-for-profits, and diverse public/private sector clients throughout North America, South America, and Europe. Published author of three best-practice manuals on cybersecurity and privacy governance, with a fourth book underway. Frequent keynote speaker and trusted expert on building secure, privacy-first strategies in an AI-driven world.

Gord Howells leads the technology function for Sofina Foods Canada, a global company headquartered in Markham, Ontario and one of the country’s leading manufacturers of primary and further processed protein products. Over his twenty-year career, he has extensive experience developing and executing technology strategies in a diverse range of business environments. Gord has been an advisor to Toronto-area startups, sits as a board member on multiple technology advisories and has been a regular speaker on cyber security for asset-intensive industries.

Manpreet is a regulatory and privacy lawyer with a distinctive cross-disciplinary practice spanning life sciences, technology, food, cosmetics, and agribusiness. She provides expert guidance on complex regulatory matters including marketing, packaging, and post-market compliance, including responding to enforcement actions by government regulators. Manpreet also advises on a broad range of issues relating to the delivery of health services across Canada such as clinical trials, patient support programs, and telemedicine. As part of her privacy practice, she advises clients on data governance practices and navigating requirements around data processing and the use of AI and digital tools. Her experience also extends to drafting and negotiating agreements for various commercial arrangements including licensing, supply and services agreements. Drawing on her scientific training and in-house experience, Manpreet offers clients strategic and technically grounded advice.

Roohie Sharma is Legal Counsel (Privacy) at The Hospital for Sick Children (SickKids), where her practice focuses on privacy matters across the legal, risk, and research portfolios. In this role, she advises on compliance and risk management strategies in the healthcare context, including breach investigation and response, GDPR considerations, policy drafting, and general privacy advice. Roohie is co-chair of the Ontario Hospital GDPR working group, and enjoys collaborating with her peers across the industry on privacy matters. Prior to joining SickKids, Roohie was an associate at an international law firm, specializing in cybersecurity breach response and privacy matters. Before law, Roohie completed a Master of Science in neuroscience at McMaster University, and is published in several peer-reviewed journals.

Dr. Jeff Schwartzentruber is a Staff Machine Learning Scientist at eSentire, where he develops advanced AI-driven approaches for threat detection and security analytics in the Managed Detection and Response (MDR) space. Over the past decade, his work has focused on the intersection of cybersecurity and machine learning, supporting large financial institutions, federal public sector agencies, and small-to-medium enterprises. In addition to his role at eSentire, Dr. Schwartzentruber holds academic appointments as Adjunct Faculty in the Department of Computer Science at Dalhousie University and as Special Graduate Faculty in the School of Computer Science at the University of Guelph. He also serves as a Research Fellow and Senior Advisor on AI with the Rogers Cybersecure Catalyst at Toronto Metropolitan University.

Daanish Samadmoten is a member of Fasken’s Privacy and Cybersecurity group and serves as the firm’s Chief Privacy Officer. He provides strategic counsel on privacy compliance, cybersecurity risk management, breach response, and privacy litigation. Daanish regularly advises clients and boards on governance and cybersecurity responsibilities, often collaborating with cybersecurity professionals to assess risk and develop incident response plans. He has guided organizations through some of Canada’s most high-profile data breach incidents, including ransomware attacks, cyber extortion, malware and phishing schemes, payment card breaches, and insider threats. His practice also includes freedom of information matters, where he assists clients in both obtaining and protecting sensitive information in regulatory proceedings. With a background in civil, commercial, and administrative litigation, he integrates litigation risk considerations into his privacy advisory work. Daanish is a Certified Information Privacy Manager (CIPM), teaches cybersecurity and artificial intelligence at the University of Toronto Faculty of Law, and has been recognized by Best Lawyers, Lexpert, and Benchmark Litigation.

Molly Reynolds is a partner at Torys LLP with extensive experience in privacy, data protection, cybersecurity, and AI-related legal matters. She advises clients on data governance strategies, privacy law compliance, breach preparedness and response, internal investigations, and the management of confidential information. Molly represents organizations in regulatory investigations and administrative proceedings under privacy, anti-spam, and access to information legislation, as well as in privacy-related civil litigation and class actions. She is called to both the Ontario and New York bars, allowing her to provide integrated counsel on cross-border data protection and AI governance. Molly’s practice spans a range of sectors including financial services, telecommunications, technology, retail, and law enforcement. She has advised on matters such as breach response for fintech and retail organizations, privacy implications of body-worn police cameras, and compliance programs under Canada’s anti-spam laws. She also supports clients on cybersecurity risk assessments, records management, and emerging issues in digital ethics.

Ruth Promislow is a partner at Bennett Jones LLP with over two decades of experience in complex commercial litigation and a specialized focus over the past ten years on privacy, data protection, cybersecurity, and fraud. Her advisory work encompasses regulatory compliance with privacy and emerging technology legislation, data governance, breach preparedness and response, and commercial and regulatory disputes. She advises global clients across sectors including financial services, technology, healthcare, retail, insurance, and hospitality. Ruth regularly assists with cybersecurity incident response, risk assessment in transactions involving data, and legal strategies for managing cyberattacks. Her work has earned recognition from Chambers Canada, and she plays a leadership role in international forums and initiatives. Ruth is an adjunct professor at the University of Toronto Faculty of Law, where she teaches cybersecurity and artificial intelligence, and contributes to organizations such as the FBI/RCMP Cybercrime Exchange, MasterCard Emerging Leaders Cyber Initiative, and the United States Cybersecurity Leaders’ Roundtable.

Detective Inspector Melanie Power is the Manager of the Ontario Provincial Police Cyber Operations Section (COS) comprised of a diverse mix of uniformed investigators and civilian technical analysts. Our mandate is to provide excellence in specialized digital forensic investigative support. COS is also responsible for the administration of the O.P.P. Cyber Strategy with a mission to manage risks, reduce threats, and minimize harm caused by crime involving digital technologies. Melanie oversees the O.P.P. Artificial Intelligence Working Group and is a co-chair of the National Police Service Cyber Committee. Melanie in her current role hopes to bring representatives from law enforcement, business, and academia together to enhance our awareness and overall investigative impact.

Iain Paterson is Chief Information Security Officer at WELL Health Technologies Corp., where he oversees security strategy across a wide-ranging network of primary care facilities, EMR systems, and healthcare technology units. With over two decades of experience in cybersecurity, he has held senior roles in the banking, healthcare, and public sectors. Prior to joining WELL, he served as CEO and Managing Director of Cycura, a cybersecurity firm specializing in offensive security and incident response, which was acquired by WELL in 2020. He has also held leadership roles at eHealth Ontario, Trillium Health Partners, and TD Bank Group, where he managed enterprise-scale vulnerability assessment and threat management programs. Iain has served on the RCMP Cyber Crime working committee and the Halifax Forum’s Peace with Women Fellowship selection committee. He holds certifications from ISC2, SABSA, and ISACA, and an MBA from Athabasca University. He regularly contributes to cybersecurity discourse through conferences and professional communities.

Dr. Sarah Muttitt is Vice President of Information Management and Technology and Chief Information Officer at the Hospital for Sick Children. With over three decades of healthcare experience and nearly twenty years in eHealth, she has held senior leadership roles across Canada and internationally. Dr. Muttitt served as Chief Medical Information Officer at Alberta Health Services and was previously CIO for Singapore’s Ministry of Health, where she led the implementation of the National Electronic Health Record. In Canada, she has held executive roles at Canada Health Infoway, Winnipeg Regional Health Authority, and several consulting firms. Since 2020, she has also served as CIO for the University Health Network and Kids Health Alliance. A trained physician with an MBA, Dr. Muttitt brings a comprehensive understanding of clinical systems, healthcare delivery, and digital transformation. She has authored numerous publications on eHealth, electronic health records, and telehealth, and continues to lead innovation in digital health infrastructure.

Dr. Avner Levin is a professor at the Lincoln Alexander School of Law and is cross-appointed to the Department of Law & Business at the Ted Rogers School of Management. He is a founding faculty member of the law school and has held several senior administrative roles at Toronto Metropolitan University, including interim dean of the Ted Rogers School of Management and interim vice-provost of faculty affairs. He is also the founding director of both the Law Research Centre and the Privacy and Cyber Crime Institute. Dr. Levin’s academic work focuses on privacy law, technology and the law, the legal profession, and tort law. His research has been funded by agencies including the Social Sciences and Humanities Research Council, the Office of the Privacy Commissioner of Canada, and Public Safety Canada. He has published widely in academic journals and is co-author of The Law of Employee Use of Technology, co-written with Howard Simkevitz.

Michael Laing is Chief Information Security Officer at Rogers Bank and Senior Director of Cyber Security at Rogers Communications. With over a decade at Rogers, he has advanced through multiple leadership roles, developing and overseeing enterprise-wide cybersecurity strategies, vendor assessments, PCI and SOC-2 compliance, and cyber risk remediation. He leads a team of over 40 professionals and supports the cybersecurity needs of Rogers Bank and affiliated services. Prior to his current position, he managed IT SOX and PCI programs, enhanced third-party security practices, and restructured Rogers’ PCI compliance framework for secure credit card transactions. Earlier roles at Rogers included leading SOC2 audits and optimizing IT control frameworks. Before joining Rogers, Michael was a Senior Consultant in IT Risk Services at Deloitte, where he advised on IT controls and systems integration. He also worked at Clarity Systems on XBRL financial reporting implementations and began his career at KPMG as a financial institutions auditor.

Mona Kumar is Senior Legal Counsel at Canada Mortgage and Housing Corporation (CMHC). She has over 20 years of legal experience in the private, public, and non-profit sectors, with a focus on cybersecurity, privacy, artificial intelligence, and new technology compliance. At CMHC, she provides legal advice across corporate and regulatory areas. Prior to this role, Mona held senior legal positions at PointClickCare, Securitas Canada, PwC, and McMillan LLP. Her work has included contract negotiation, regulatory assessment, litigation management, corporate governance, and enterprise risk strategy. She has managed legal operations in large matrixed organizations and worked internationally, including in roles involving outsourcing, M&A, and privacy law. Mona has served on corporate and non-profit boards and is currently a trustee and executive committee member of the Canadian Museum of Immigration at Pier 21. She holds an MBA and has multilingual capabilities that support her work in global legal contexts.

Jasbir Kooner is Director of IT – Artificial Intelligence and Cybersecurity at Englobe Corp, where she leads initiatives integrating AI applications and cybersecurity frameworks. She holds a degree in computer science and an MBA from Concordia University and is currently pursuing a PhD with a research focus on digital misinformation and the societal implications of artificial intelligence. Jasbir has experience in e-commerce, business data analysis, and risk management and has led strategic technology projects across multiple sectors. She is a Fellow of the Rogers Cybersecure Catalyst Mastercard Emerging Leaders Cyber Initiative, where she contributes to mentoring and community engagement in the cybersecurity field. Her work combines technical expertise with an emphasis on governance and equity in AI deployment. She has also contributed to organizational strategies for digital transformation, focusing on aligning IT operations with ethical and security-focused objectives.

Vivek Khindria, President  and Principle Consultant of Risk Embrace Inc., was the former Senior Vice President of Cyber Security, Network, and Technology Risk at Loblaw Company Limited. Vivek has earned his Chartered Director designation from McMaster’s DeGroote’s school of business program on board governance. He also holds CISSP, CISM, and a BSc. Vivek has been leading large-scale security, network, cloud migration, and technology risk programs for one of Canada’s largest businesses, with $62+ billion in annual revenue. Loblaw has over 22 brands, more than 230,000 employees, and 3,000+ stores and clinics across retail, pharmacy, beauty, healthcare, banking, transport, and media—plus Canada’s largest loyalty program. Over his career, Vivek has held technology and cyber leadership roles at McMaster University, BMO, CIBC, and Bell. He is both a hands-on technical expert and an international speaker on cyber security, with field tested experience in incident response, cyber security testing, cloud security, PCI-DSS compliance, AI governance, and quantum computing readiness.

He was a founding contributor to the Canadian Cyber Threat Exchange (CCTX.ca), helping Canadian businesses share threat data and best practices. From 2016 to 2024, he represented Canada on the Information Security Forum Advisory Council, a global coalition of Fortune 500 firms focused on cyber security research and solutions. Known for making complex topics accessible, Vivek continues to guide C-suite, boards, and startups in understanding and managing technology risks including artificial intelligence, cyber security, incident response, security operations, quantum computing, network, cloud, IoT, OT, identity, cryptography and resilience.

Anthony Hémond is Senior Privacy Counsel at Air Canada, where he provides legal advice on the protection and handling of personal information at an international level. He supports the airline’s compliance, procurement, and cybersecurity functions and advises on legal considerations related to the development and use of artificial intelligence systems. Prior to joining Air Canada, Anthony was part of the Privacy and Protection of Personal Information team at Borden Ladner Gervais (BLG), advising on Canadian and European privacy regulations, governance frameworks, and incident response. Earlier in his career, Anthony served as senior legal counsel for a major Quebec telecommunications company, where he was responsible for the privacy management program and participated in executive-level decision-making on privacy matters. He also worked on class action files alongside external counsel. He holds an LL.M. in IT Law from the University of Montréal and a D.E.A. in immaterial creations from Montpellier University in France.

Sunny Handa is a Partner at Blake, Cassels & Graydon LLP and serves as the National Practice Group Leader for both the Technology and Communications Law groups. He is also a senior member of the firm’s Cybersecurity practice. Sunny advises clients on a range of matters including mergers and acquisitions involving technology companies, information technology and intellectual property law, e-commerce, and regulatory compliance. He provides guidance on data governance, breach response, and cybersecurity risk management, and regularly acts as breach coach for organizations across sectors. His practice includes advising on privacy and technology issues for clients in the defence and life sciences industries. Sunny is involved in structuring legal frameworks for commercial data protection and often works on cross-border files. He has extensive experience providing legal support to large-scale transactions and regulatory proceedings involving digital infrastructure and emerging technologies. Sunny is also a professor of law (adj.) at McGill University, where he has taught Cybersecurity Law and continues to teach Communications Law.

Kathrin Gardhouse is an AI Governance Research Fellow in the EU team of The Future Society. The focus of her work lies on general-purpose AI policy and advocacy to shape and implement strong regulation to protect society from AI-related systemic risks. She also volunteers as the Policy Lead at AI Governance and Safety Canada where she contributes to public consultation responses on federal and provincial AI governance, develops and teaches a course on Canadian AI policy, and briefs the government on risks from advanced AI. Kathrin is a Germany- and Ontario-trained lawyer and certified AI governance and privacy professional. She previously served as the VP AI and Data Governance at Etika Privacy, the data protection officer at PrivateAI, and the senior manager for privacy risk and data governance at a Toronto bank. She is also completing a philosophy PhD that investigates the social-philosophical underpinning of AI agency for liability purposes.

Adam Evans is Senior Vice President (SVP) and Chief Information Security Officer (CISO) for RBC.  As CISO, Adam sets RBC’s cyber vision, strategy and program to reduce cyber risks and keep clients, employees, and systems safe. He manages an evolving threat landscape and the global expansion of cyber security services as RBC’s businesses continue to digitize. Adam is responsible for developing cyber solutions that can adapt to the evolving risks of next-generation cyber threats, leveraging machine learning, artificial intelligence, and behavioural analysis to prevent attacks with increased efficiency and speed. He leads RBC in managing cyber incidents and implementing incident response and red team exercises to identify and strengthen vulnerabilities and improve RBC’s cyber resilience. With over 20 years of experience in the financial services industry as a security professional, Adam is recognized as a thought leader in cyber security and global defense.

Jake Effoduh is an Assistant Professor at the Lincoln Alexander School of Law, where his research focuses on the intersections of artificial intelligence, human rights, and international law. He has contributed to AI policy development and regulation in several countries, including the United States, Brazil, and Nigeria. Prior to joining the faculty, he served as Chief Counsel for the Africa–Canada AI and Data Innovation Consortium, where he led projects applying AI and big data in governance systems. He also coordinates a multi-year SSHRC-funded project, Canada’s Rights Role in Sub-Saharan Africa. Effoduh has held fellowships at Harvard Law School, Carnegie Mellon University, the University of Ottawa, and the University of Cape Town. He is the Production Editor of the Transnational Human Rights Review and a Vanier Scholar completing his PhD at Osgoode Hall Law School, examining the legitimization of AI in relation to human rights challenges in Africa.

Ben Davies is the Chief Information Officer at the Vector Institute for AI. With more than 25 years of experience, he has led IT strategy, cybersecurity governance, and digital transformation projects across North America, Europe, and Asia. His career spans the research, pharmaceutical, transportation, and managed IT services sectors. As the first CIO at the Perimeter Institute, he implemented a standards-based cybersecurity program and oversaw a comprehensive shift to a cloud-first IT infrastructure. At the Vector Institute, he manages enterprise IT in alignment with advanced AI research needs, emphasizing secure, high-performance computing. He is a certified Chief Information Security Officer and serves on the MCTI Industry Advisory Board at the University of Guelph. His international experience and leadership in technology and security have informed his work in both academic and enterprise settings, particularly in designing and overseeing resilient, research-driven digital environments.

Jason Ball is a senior legal executive at Rogers Communications, where he leads the company’s legal team across procurement, sales, corporate, real estate, and cyber security functions. He plays a key role in advising Rogers’ information security, business continuity, risk management, privacy, and data governance groups.

As the legal head of cyber incident response, Jason provides guidance to Rogers’ executive leadership and Board of Directors on cyber security matters. He regularly interacts with government bodies and industry groups on issues involving cyber security, fraud, public safety, and privacy.

Prior to joining Rogers, Jason practiced at a Toronto law firm advising on commercial, privacy and health matters. He holds a law degree from Osgoode Hall and a BSc in Biochemistry from the University of Alberta.

Noemi is a Partner in Deloitte’s Data Protection and Privacy practice in Toronto. She provides privacy, data protection, and cyber strategy services for organizations seeking to deliver new and better services for their clients and the community, advising in the areas of regulatory compliance, data protection, information privacy, and risk management. She specializes in serving technology, healthcare, retail, and public sector clients participating in new initiatives that involve the collection or use of personal information.

Prior to Deloitte, she articled at Borden Ladner Gervais LLP and was a Visiting Researcher at the University of Washington Tech Policy Lab, where she looked at privacy in the context of the Internet of Things, AI, connected and autonomous vehicles, and robotics. Noemi holds a BA from the University of Waterloo, a Master’s in Economic Policy from McMaster University, and a law degree from the University of Toronto Faculty of Law. She is licensed to practice law in Ontario.

Melissa heads the Strategic Services group, providing cyber solutions for RBC’s 96,000 employees, subsidiaries, and 17 million clients. A results-driven leader, she excels in high-risk project delivery for large organizations. With extensive IT management experience, she’s skilled in needs assessments, software development, and infrastructure. Melissa fosters productivity and stakeholder relationships. Throughout her career, Melissa has developed identity strategies, implementing them across Canada’s top banks and consulting on 50+ IAM programs in North America. As WiD Global Board Vice Chair, she merges her passions for advancing people and tech, aiming to eliminate biases. A diversity advocate, Melissa leads LGBTQ+ efforts at RBC. She is a frequent speaker at global events and is the recipient of awards including Globe and Mail Best Executives 2022, Women In IT awards, and IT World Canada Top 20 Women in Cyber Security 2021.

Imran advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud computing, SaaS, strategic alliances, technology development, system procurement and implementation, technology licensing and transfer, distribution, open source software, and electronic commerce. As part of his cybersecurity practice, Imran works with clients to develop and implement strategies related to cyber threats. He advises on legal risk assessments, compliance, due diligence, security, and data breach incident preparedness and response. Imran often acts as “breach counsel” in the event of a cybersecurity incident, and has extensive experience in managing complex cross-border security incidents. He also provides representation in the event of an investigation, enforcement action or litigation. Imran is the author of Canada’s first legal incident preparation and response handbook Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management, 2nd Edition (LexisNexis, March 2021).