HUMAN ASPECTS TRACK | Oct. 11 • 11:00 pm • Room 20–21

To view the complete
list-to-date of sessions and speakers, visit the
Session Speakers page

The Rise of Privacy: Complying with GDPR in the United States

Introduction: Mauritz Plenby, Vice Consul, Information Economy & Creative Industries with the British Consulate-General Miami

Moderator: Mark Lotito, Associate General Counsel, ConnectWise


  • Gene Geiger, Co-Founder & President, A-LIGN
  • Loni Hagen, PhD, Assistant Professor, University of South Florida
  • Thomas Hofer, President/CEO, Medved Consultants
  • M. Lisa Shasteen, Co-Founder & CEO, Shasteen & Percy, PA

The European Union’s General Data Protection Regulation (GDPR) has changed the legal landscape for cybersecurity globally. US businesses are not immune to this regulation or its penalties. This panel of GDPR experts will examine what it means for your business and explore the latest developments. You will learn to recognize when GDPR applies, to identify areas that could be risks, and how to implement a new legal framework in your organization to mitigate those risks.

About the Panelists

Mark Lotito joined ConnectWise, a software company founded and headquartered in Tampa, in December 2014 as the Associate General Counsel. He joined ConnectWise from CA Technologies where he had served as Vice President and Senior Counsel.  

Mark graduated from Hamilton College in 1998 with a degree in history, from Dowling College in 2001 with an MBA in banking and finance, and from Touro Law in 2006. He is admitted to the New York State Bar. His practice has focused exclusively as in-house counsel at both a Fortune 500 software company for over seven years and at an emerging growth company and has successfully completed hundreds of complex contract negotiations with multinational corporations. 

Dr. Loni Hagen is an Assistant Professor at the School of Information at the University of South Florida. She received degrees in law, information studies (specialized in information law), and earned her PhD in information science from University at Albany, SUNY. She worked for Korean National Police Agency over a decade. Her primary research focuses on adopting machine learning and artificial intelligence for policy making and discussing the implications of these technologies on policy improvement. Her current domains of interest are e-participation, privacy, cybersecurity, and health emergency communication.

M. Lisa Shasteen is Co-Founder and CEO of Shasteen & Percy, P.A., a law firm focused on cybersecurity and data privacy. She is former Senior Vice President and General Counsel for an international investment and merchant bank focused on digital and technology companies with 17 offices worldwide and $3 billion under management. While there, she was also a member of the Board of Directors of the International institute of Communications based in London with membership spanning over 150 countries. The IIC fosters global communication and cooperation among regulators, communication and technology company executives, and academic leaders in the communication space. Prior to her work there, she had established her own law firm after practicing law in Tampa at Rudnick & Wolf and Foley & Lardner.

Lisa has a Juris Doctor degree from Stetson University College of Law and trained in cybersecurity at Georgetown University. Her practice focuses on data privacy law and cybersecurity strategy, including the preparation of information security and breach response plans, performance of risk assessments, the development of training systems, and plan implementation at the C-suite and boardroom level. 

Lisa has published many articles, including one on the use of technology to change the economic base of a society published by The Wall Street Journal Asia. In addition to membership in other notable organizations, Lisa is an active member of the American Committee on Foreign Relations, a lifetime member of the Armed Forces Communications and Electronics Association (AFCEA), a member of the Electronic Crimes Task Force, a member of the Florida Bar, the American Bar Association and its Technology Committee, and the International Association of Privacy Professionals. She also sits on the Board of Directors of the Tampa Bay Chapter of InfraGard, a public-private partnership with the FBI with a mission of information sharing to protect the security of America’s 16 critical infrastructure sectors against security threats, including threats to cybersecurity.

Thomas Hofer retired from the federal government in June 2014 with nearly 40 years combined military and federal service as a U.S. Army Military Intelligence officer and from 2004–2014 as an Operations Officer with the Central Intelligence Agency. 

Post retirement, Mr. Hofer established Medved Consultants LLC, a Florida-based firm specializing in information security assessments and support to intelligence operations. In 2018, Mr. Hofer drafted the documentation necessary to bring a Belgian-based cloud organization into compliance with the EU’s new data privacy regulation. Mr Hofer is currently the Data Protection Officer (DPO) for a European Union cloud service company.

Gene Geiger is the Co-Founder and President of A-LIGN and has over 20 years of experience implementing and assessing information technology controls. With his extensive background, Gene currently leads the firm’s entire service delivery team, overseeing the compliance, cybersecurity, cyber risk, and privacy practices. Additionally, Gene is responsible for the development of new service lines and works to build effective assessment methodology for these services. With several distinguished designations, Gene’s expertise has positioned him as a known thought leader. He has spoken at conferences and industry events, including the HITRUST Annual Conference, HostingCon Global, Card Not Present, ISACA’s Geek Week Conference, and MISTI/ITAC. Prior to joining A-LIGN, Gene was responsible for the compliance of a Fortune 500 processor’s debit and credit card processing division. Gene has also served as an executive at a “Big 4” accounting firm providing risk-based security and attestation services to enterprise level clients.