Women in Cybersecurity: A Conversation with Rinki Sethi, CISO of BILL

Rinki Sethi's impressive career spans two decades, during which she has held significant positions at major companies such as PG&E, Walmart, eBay, Intuit, Palo Alto Networks, IBM, Rubrik, and Twitter ...
Women in Cybersecurity: A Conversation with Rinki Sethi, CISO of BILL
Written by Rich Ord
  • In the rapidly evolving landscape of cybersecurity, the role of women continues to grow, inspiring future generations and reshaping the industry. In a recent episode of CISO Talk, host Steve Morgan sat down with Rinki Sethi, Vice President and Chief Information Security Officer (CISO) at BILL, a publicly traded leader in financial automation software for small and midsize businesses. The discussion, brought to you by Evolution Equity Partners, delved into Sethi’s career, the state of women in cybersecurity, and the ever-present challenges in the field.

    A Journey Through Cybersecurity

    Rinki Sethi’s impressive career spans two decades, during which she has held significant positions at major companies such as PG&E, Walmart, eBay, Intuit, Palo Alto Networks, IBM, Rubrik, and Twitter before joining BILL. “I’ve been here two and a half years, leading the IT and security organization,” she shared. Sethi’s extensive background and diverse experience have equipped her with a deep understanding of cybersecurity.

    Her journey into cybersecurity was somewhat serendipitous. “I graduated during a downturn in the economy, and job opportunities were scarce,” she recounted. A chance encounter at a recruitment event led her to a Pacific Gas and Electric role in their information protection department. “I talked to a hiring manager about my favorite cryptography class, and that conversation changed everything,” she said. This fortuitous start set the stage for a thriving career in cybersecurity.

    Sethi’s time at PG&E was a pivotal moment that shaped her career trajectory. “Working at PG&E gave me my first real taste of what cybersecurity entailed,” she explained. “I was fortunate to have mentors who guided me and provided opportunities to work on significant projects.” This foundation allowed her to build the skills to tackle more challenging roles at larger companies.

    At Walmart and eBay, Sethi honed her skills further, managing large teams and dealing with complex security challenges. “Each role brought its own set of challenges and learning experiences,” she noted. “At Walmart, I was responsible for securing a vast network, which required a deep understanding of both retail and technology. eBay was another beast altogether, dealing with high transaction volumes and ensuring the safety of user data.”

    Her subsequent roles at Intuit and Palo Alto Networks allowed her to delve deeper into the strategic aspects of cybersecurity. “Intuit was where I started to see the bigger picture, understanding how security fits into overall business strategy,” she said. “At Palo Alto Networks, I was at the forefront of developing advanced security technologies, which was incredibly exciting.”

    Transitioning to Rubrik and then Twitter marked Sethi’s entry into executive leadership roles. “Taking on the CISO role at Rubrik was a significant milestone,” she said. “It was a chance to lead and shape the security posture of a growing company.” Her experience at Twitter, particularly during high public scrutiny and security challenges, further solidified her reputation as a cybersecurity leader.

    Reflecting on her journey, Sethi emphasized the importance of adaptability and continuous learning. “Cybersecurity is an ever-evolving field,” she remarked. “You have to be willing to learn and adapt constantly. The threats change, the technology changes, and so must we.” Her career path underscores the dynamic nature of cybersecurity and the need for professionals to stay ahead of the curve.

    Sethi has also advocated for diversity and inclusion in the tech industry throughout her career. “Being one of the few women in many of these roles, I realized the importance of representation,” she said. “I’ve made it a point to mentor and support other women in cybersecurity, helping to pave the way for the next generation.” Her efforts have contributed to a more inclusive and supportive environment for women in the field.

    Rinki Sethi’s career is a testament to the opportunities and challenges in cybersecurity. From her early days at PG&E to her current role at BILL, she has navigated the complexities of the field with skill and determination. Her story inspires aspiring cybersecurity professionals, demonstrating that success is attainable with passion, resilience, and continuous learning. “I’m excited about what the future holds for cybersecurity and for the role of women in this industry,” she concludes.

    The Early Hacker Mindset

    Rinki Sethi’s interest in technology began at a young age, fueled by her family’s enthusiasm for computers. “I grew up with computers very early on, building my own machines,” she recalled. This early exposure was pivotal in developing her technical skills and curiosity. “My uncles were real techies and geeks, and our weekends were filled with discussions about the latest tech advancements,” she added. This environment nurtured her innate curiosity and problem-solving abilities, setting the foundation for her future career.

    A particularly formative experience involved her father installing parental spyware on her computer, leading to a cat-and-mouse game that sparked her hacker mindset. “My dad had installed keylogger software to monitor my online activities,” Sethi recounted. “I found out he was reading my chats, which led me to write a program that detected and removed the spyware.” This experience was more than just a technical challenge; it was a turning point that ignited her interest in cybersecurity. “I realized the power of coding and problem-solving at a very young age,” she said. “It was my first real taste of what it meant to be a hacker, even though I didn’t know what a hacker was back then.”

    The lessons from this early experience extended beyond technical skills. “It taught me resilience and the importance of staying one step ahead,” Sethi explained. “Every time I uninstalled the spyware, my dad would reinstall it, and I’d have to find a new way to detect it. It was a continuous learning process.” This iterative process of problem-solving and innovation became a core aspect of her professional ethos. “That mindset of constantly evolving and improving has stayed with me throughout my career,” she said.

    Sethi’s early forays into hacking were about outsmarting her father and understanding the broader implications of cybersecurity. “I started to see how important it was to protect information and how vulnerable we could be if we didn’t take proper measures,” she explained. This realization shaped her approach to cybersecurity, emphasizing the need for proactive and adaptive strategies. “Cybersecurity is about anticipating threats and staying ahead of them, just like I did with my dad’s spyware,” she noted.

    Her early experiences also highlighted the importance of mentorship and guidance. “My father, despite his invasive methods, was a significant influence,” Sethi acknowledged. “He pushed me to think critically and solve problems independently.” This support was crucial in her development as a technologist and cybersecurity expert. “Having someone challenge you and push your boundaries is essential for growth,” she added.

    Reflecting on her journey, Sethi emphasized the value of early exposure to technology and the importance of nurturing young talent. “If I hadn’t been exposed to computers and encouraged to explore, I might not have found my passion for cybersecurity,” she said. She advocates for more programs that introduce children, especially girls, to technology at an early age. “We need to create opportunities for young people to experiment and learn in a supportive environment,” she urged.

    These early experiences laid the groundwork for Sethi’s successful career in cybersecurity. Her story is a testament to early exposure’s impact, resilience’s importance, and continuous learning’s value. “Those early days of battling spyware were just the beginning,” she said with a smile. “They set me on a path of discovery and innovation that continues to this day.”

    Women in Cybersecurity: Progress and Challenges

    Discussing the current state of women in cybersecurity, Rinki Sethi acknowledged the significant strides made over the past decade. “I think it’s around 20 to 30% of the workforce now, which is a big improvement,” she noted. “A decade ago, it was closer to 10%.” However, despite this progress, Sethi emphasized that there is still a long way to go, particularly in leadership positions. “When you look at management, senior management, and CISO roles, the numbers are much lower,” she explained. “It shocks me every time someone asks me to introduce them to a woman CISO, and there are very few of us out there.”

    Sethi attributed some of the challenges to broader issues women face in tech, including balancing career and family responsibilities. “As women start having families, a lot of the burden falls on them, making it hard to sustain a career in cybersecurity,” she said. This struggle often leads to women leaving the field or not advancing to higher levels of leadership. “Creating workplaces that are more inclusive and offer flexibility is crucial for retaining women in tech,” she emphasized.

    The importance of mentorship and support networks was another key point Sethi highlighted. “Mentorship has been instrumental in my career,” she said. “Having role models and mentors who can guide you, provide advice, and open doors is invaluable.” She noted that organizations must foster environments where mentorship is encouraged and accessible to all. “We need to build strong networks of support to help women navigate their careers and overcome the unique challenges they face,” she added.

    Sethi also pointed out that visibility and representation matter. “Seeing women in senior roles can be incredibly inspiring and empowering,” she said. “It sends a message that these positions are attainable.” She shared an anecdote about a young woman who approached her at a conference, expressing how seeing Sethi on stage motivated her to pursue a career in cybersecurity. “Moments like that remind me why representation is so important,” she said. “We need to show the next generation that they belong in this field.”

    Despite the challenges, Sethi is optimistic about the future of women in cybersecurity. “We are seeing more initiatives and programs aimed at increasing diversity in the field,” she noted. “From early education programs to professional development opportunities, there is a growing recognition of the need to support women in tech.” She cited initiatives such as cybersecurity bootcamps and scholarship programs that are helping to bridge the gender gap. “These programs are making a real difference, and we need to continue to support and expand them,” she said.

    Furthermore, Sethi emphasized the importance of organizational commitment to diversity and inclusion. “It’s not just about hiring more women; it’s about creating an environment where they can thrive,” she said. This involves implementing policies that support work-life balance, offering career development opportunities, and fostering a culture of respect and inclusion. “Organizations need to be proactive in addressing the barriers that women face and work towards creating a more equitable workplace,” she added.

    Looking ahead, Sethi is hopeful that the increased focus on diversity will lead to more women in leadership roles within cybersecurity. “As we see more women entering the field and advancing in their careers, I believe we’ll start to see a shift,” she said. “It’s a gradual process, but the momentum is building.” She concluded with a call to action for the industry: “We all have a role to play in creating a more inclusive cybersecurity community. By supporting and uplifting each other, we can make a significant impact.”

    Attracting More Women to Cybersecurity

    To address the gender gap in cybersecurity, Rinki Sethi stressed the importance of early education and exposure. “Cybersecurity isn’t brought to kids at an early age, so they don’t learn about it until much later,” she said. This late introduction can be a barrier, as children may develop interests in other fields before they even know what cybersecurity entails. “We need to introduce cybersecurity concepts in schools just like we do with other subjects,” she emphasized.

    Sethi recounted her experience with the Girl Scouts, where she helped create the first cybersecurity curriculum from kindergarten to 12th grade. “There are girls now graduating from those programs and pursuing cyber careers,” she said, highlighting the impact of such initiatives. “We need more programs like this to ensure that cybersecurity is seen as a viable and exciting career path from a young age.”

    Moreover, Sethi believes companies should actively participate in outreach and education programs. “Companies need to invest in creating and supporting programs that introduce cybersecurity to young girls,” she urged. This includes partnerships with schools, community organizations, and initiatives like coding bootcamps and summer camps focused on technology and cybersecurity. “By getting involved, companies can help demystify cybersecurity and show that it’s an accessible and rewarding field,” she added.

    Another crucial aspect is addressing the stereotype of cybersecurity professionals. “We need to break the hacker-in-a-hoodie image,” Sethi said. “Cybersecurity is much more diverse than that, and we need to showcase the variety of roles and the people who fill them.” Highlighting diverse role models in cybersecurity can inspire young girls and women to see themselves in those positions. “Representation matters,” she asserted. “Seeing someone who looks like you in a role you aspire to can be incredibly motivating.”

    Sethi also highlighted the importance of family and community support in encouraging young girls to pursue cybersecurity. “Parents and educators play a critical role in supporting and nurturing girls’ interests in tech,” she explained. “We need to provide them with the resources and knowledge to encourage girls to explore cybersecurity.” This involves creating an environment where girls feel supported and empowered to pursue their interests in technology.

    Furthermore, Sethi emphasized the need for mentorship and networking opportunities. “Mentorship can make a huge difference in someone’s career,” she noted. “Having a mentor to guide you, provide advice, and advocate for you can help women navigate the challenges of the cybersecurity field.” She encouraged organizations to establish mentorship programs and create spaces where women can connect, share experiences, and support each other. “Building strong networks of women in cybersecurity is essential for fostering growth and development,” she added.

    Lastly, Sethi called for industry-wide initiatives to attract and retain more women in cybersecurity. “We need a concerted effort across the industry to address the gender gap,” she said. This includes policy changes, organizational commitments to diversity and inclusion, and ongoing support for professional development. “It’s about creating a culture where women feel valued and can thrive,” she concluded. “By working together, we can make cybersecurity a more inclusive and diverse field, benefiting everyone involved.”

    The Threat Landscape Today

    The current threat landscape in cybersecurity is vast and complex, presenting numerous challenges for professionals in the field. Rinki Sethi, with her extensive experience, provided a detailed overview of these challenges. “The threat landscape today is enormous, with so many issues to grapple with,” she said. “From ransomware to the weaponization of cyber criminals, the range of threats is broad and constantly evolving.” These persistent threats require cybersecurity experts to remain vigilant and adaptive.

    Ransomware remains a significant concern. “Ransomware continues to be a major issue,” Sethi explained. “It’s a constant battle to protect against these attacks and ensure that our systems and data are secure.” The impact of ransomware can be devastating, causing financial losses and disrupting critical services and operations. “We have to be prepared to respond quickly and effectively to minimize the damage,” she added.

    Identity theft and fraud are also critical areas of concern. “Identity theft is another major threat that we deal with on a regular basis,” Sethi noted. “Ensuring that our authentication mechanisms are robust and that we have strong protections in place is essential.” She emphasized the importance of continuous monitoring and implementing advanced security measures to safeguard personal and organizational data. “It’s about staying one step ahead of the attackers,” she said.

    Sethi pointed out that while these traditional threats are still prevalent, new challenges are emerging with the rapid advancement of technology. “We have so much technology and innovation at our hands today,” she remarked. “It’s an exciting time for cybersecurity, but it also means that we have to be constantly on guard for new types of threats.” The integration of artificial intelligence and machine learning in cybersecurity, for instance, has opened up new avenues for both defense and attack. “AI can be a powerful tool in our defense strategy, but it can also be used by cybercriminals to launch more sophisticated attacks,” she explained.

    The need for comprehensive coverage compounds the complexity of the modern threat landscape. “What worries me is the one thing you didn’t know about that creates a hole in your defenses,” Sethi admitted. “Ensuring that we have coverage on everything and being able to respond quickly if something slips through the cracks is crucial.” This highlights the importance of a robust response strategy and crisis management plan. “Companies need to focus on their response strategy and crisis management,” she advised. “Being prepared to handle breaches seamlessly can make all the difference.”

    In addition to the technical challenges, Sethi discussed the importance of collaboration and information sharing within the cybersecurity community. “No one company can tackle these threats alone,” she emphasized. “Collaboration is key to staying ahead of cybercriminals.” By sharing insights and best practices, organizations can enhance their collective defenses and respond more effectively to emerging threats. “We need to work together to create a stronger, more resilient cybersecurity ecosystem,” she said.

    Rinki Sethi’s insights into the current threat landscape underscore cybersecurity’s complexity and ever-evolving nature. Her emphasis on proactive measures, continuous learning, and collaboration highlights the multi-faceted approach required to protect against today’s sophisticated cyber threats. As the field continues to evolve, the importance of skilled, adaptive, and inclusive cybersecurity teams becomes increasingly apparent. “The challenges are significant, but so are the opportunities,” Sethi concluded. “By working together and leveraging our collective expertise, we can create a safer and more secure digital world.”

     

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Subscribe
    Advertise with Us

    Ready to get started?

    Get our media kit