The ACC Top 10 30-Somethings awards recognize in-house counsel between the ages of 30 and 39 for their innovation, global perspectives, proactive practice, advocacy efforts, and pro bono and community service work.
When it was time to consider her career path, Alicia Dietzen broke with tradition and went straight in-house after law school. “I put all my eggs into one basket and went for it,” she jokes. But her efforts paid off, and Alicia joined the burgeoning Florida-based cybersecurity company KnowBe4, Inc. as its first in-house counsel.
In less than five years, Alicia has risen to general counsel, become an expert in cybersecurity and data privacy law, and supported KnowBe4’s expansion into 11 countries on six continents while simultaneously scaling the legal department 10-fold. She accomplished all this while building out a robust compliance program that would enable the company to successfully list on NASDAQ as of April 2021.
Given KnowBe4’s strategy to increase its global presence, Alicia made the early decision to onboard international legal hires who would be able to provide multilingual and local legal support to the business in multiple time zones. She schedules a standing daily meeting for the global team to foster collaboration. The meetings are an opportunity for her team to discuss updates and challenges they are facing. “As we continue to share our experiences, the knowledge we gain from one another guides our approach to success in the future,” she says. Together, her team has navigated acquisitions, entity formations, and large-scale deals.
Her approach to building the legal department — and shepherding it through challenges — has been “all about prioritization and creating a playbook,” Alicia explains. She has automated as many processes as possible to reduce request turnaround times and ramp up knowledge management. Her philosophy is if you have the information needed to complete a task, it will get done much faster.
Alicia and her team have been invaluable advisors to KnowBe4 on cybersecurity and data privacy law. In a field where regulations are constantly emerging nationally and internationally, Alicia continually pushes her understanding, even becoming a Certified Information Privacy Professional for Europe (CIPP/E) to support KnowBe4’s compliance with the EU General Data Protection Regulation and others.
KnowBe4 provides security awareness training to help clients manage the IT security problems of social engineering, spear phishing, and ransomware attacks. Their approach is that the last line of defense a company has against a cyberattack is their employees. As such, it makes sense that KnowBe4, which is constantly getting phished itself, adheres to a strict security and compliance culture internally. “If you have the luxury, go above and beyond when it comes to cybersecurity and data protection,” Alicia counsels.
The compliance program she has built touches all facets of the organization. “Every executive team member takes ownership of compliance,” Alicia says, and the internal controls team conducts audits of every major function. With the goal being to take the company public, Alicia sought to enhance their compliance program even further, building out rigorous due diligence, drafting out insider trading policies, and testing out risk mitigation controls. “Everything the public didn’t know before, they get to know now,” she says, “so you need to understand your company and where the risks lie.”
Having accomplished that, Alicia was excited to see the company go public. The success has her reflecting on her start at the company and in the industry. “I wish that a cybersecurity track had been there when I was in law school,” she admits. Not someone to let a good idea go to waste, Alicia connected with the dean of Stetson Law, her alma mater, to establish a Cybersecurity Law Program through the KnowBe4 Cybersecurity Law Program Fund. In addition to growing the program, the US$250,000 fund will fuel an annual US$5,000 merit-based scholarship for the next five years and provide KnowBe4 security awareness training to Stetson’s staff, faculty, and students.
The need for in-house experts in cybersecurity and data protection is not going away, and Alicia will be leading the next generation of talented lawyers who take up the mantle.