Secured by Women: Meet Rinki Sethi, VP and CISO at BILL

Women’s representation in cybersecurity has come a long way in the last decade, but we still have progress to make before the balance truly shifts. That’s exactly why Lacework launched Secured by Women last year; and now, we’re thrilled to be back to continue championing the incredible women making a difference in cybersecurity.

This year, we’re proud to introduce “Changemakers in Cyber,” a Q&A series where we get to know five women who are boldly transforming the field.

Leading our lineup is Rinki Sethi, whose impactful work as VP and CISO at BILL exemplifies the critical contributions women are making in tech. From hacking computer parental controls as a teen to introducing the first cybersecurity badges for Girl Scouts, Rinki’s story is a testament to the power of curiosity, mentorship, and diversity. 

What makes Rinki a true changemaker in cybersecurity? Join us as we learn about her “accidental” entry into cybersecurity, some of her most memorable career moments, her vision for a more inclusive future, and much more. 

Q: What first sparked your interest in cybersecurity and how did you get started in the field?

A: My career started by accident when I was recruited by PG&E at UC Davis in my last year studying computer science engineering. I have been in the field ever since. I probably always had a hacker mindset — I think I realized this when my dad installed a parental spy tool on my computer back when I was in high school (also known as a keylogger) and was tracking all my online chats on AOL Instant Messenger with my friends. 

I heard him mention something to my mom that he would have only known had he been reading my chats. I developed a tool to detect and delete this spy tool — we played a cat and mouse game throughout high school; he installed and I uninstalled. I think I was destined to enter the field of cyber.

Q: What have been some of the most rewarding or memorable moments of your career?

A: There have been many, but the one I’m most proud of was leading the initiative to build the first set of cybersecurity badges for grades K-12 for the Girl Scouts of the USA, unlocking cybersecurity curriculums for girls in every zip code of the USA. This enabled these girls to learn about cybersecurity, teach those in their communities on how to protect themselves from attackers, and pursue careers in cybersecurity. I’m proud of my time at Palo Alto Networks building their first security operations center for customers to see, I’m proud of leading the Twitter security team during a very difficult time, and I’m proud of all the individuals I’ve hired who are thriving in their careers and I either get to immediately impact or cheer on from the sidelines. 

Q: What have been the most significant changes in the industry since you started? How have you adapted to them?

A: When I started my career, absolutely no one knew what information security or information protection was — honestly, I barely knew what it was, and I was not sure there was a future in this field. Cybersecurity was a term coined later on. CISO was only a position at banks at the time and explaining to anyone in the family what I actually did was impossible. They didn’t understand what I was getting paid to actually do. Now cybersecurity is talked about everywhere, all the time, no matter where you are or who you are in the world. Almost everyone can tell you a time they fell for a phishing scam. Cybersecurity is talked about and reported on at the board level at most companies and the roles of security teams and the CISO are more important than ever. This is such a dramatic change to have seen over the last two decades. 

Q: What inspired you to pursue board member and advisory roles? How do the unique perspectives of CISOs benefit boards?

A: I have always loved learning about new technologies and innovation in the security space. I took on my first advisor role for a company I was advising and helping with product strategy and messaging to CISOs. I loved helping smart founders and working with startups, so this was something that was very exciting for me and I took on more. Not only am I able to make a strong impact in the companies I advise, but it has also helped me stay current and on top of innovation and how other companies are dealing with security challenges.

I took on my first board of directors role at ForgeRock and it was a game changer. I got to bring my leadership experience and cybersecurity expertise from different companies and industries to ForgeRock as a board member. Being on the board of ForgeRock also made me a better security practitioner. Hearing what the board was concerned about and what was top of mind for the CEO helped me become a better business partner as a practicing CISO. 

I’m also excited about cybersecurity becoming an important conversation at the board level. This will open up doors for more security leaders being on boards to help companies navigate the complex issues on security that touch every part of the business.

Q: How has your involvement in communities like the Society of Women Engineers shaped your approach to leadership?

A: I joined the Society of Women Engineers the summer before I started college — and it was the best decision I made at the time. I was the only girl in many of the engineering courses I took and there were days that were so tough I wanted to quit. Turning to a group of women who were going through similar experiences and having guidance from more senior students in the Society of Women Engineers was so critical to me during that time.

 

 

I then went into the workplace and was the only or one of few women on the team — I gravitated toward other women. As I progressed in my career, if a company didn’t have a women in tech group, I created it; and when they had one, I asked to be a leader or executive sponsor of it. I continue to mentor women, be the exec sponsor of women in tech groups, and am involved in many women in cyber and women in tech groups in the industry. 

Q: What are some of the biggest challenges that women face in the cybersecurity industry today, and how can we address them?

A: The one I felt personally and the one I hear the most from other women is that “you can’t be what you can’t see.” I remember being promoted to a manager and feeling like I had made it and this was the best place I would ever get to in my career. There were almost no women in senior security leadership or senior technical roles back then. Although the number of women is better, at 20%ish in the industry, it is still far from where it should be. We are breaking the stereotype, and this can be hard. The biggest challenge is teaching those around us that the thought diversity we bring to the table will be key to solving the most difficult problems in cybersecurity.

Q: Mentoring has been a significant part of your career. What's one piece of advice you consistently give to those looking to advance in cybersecurity?

A: I was so scared of making mistakes and failing early in my career. I stayed in my comfort zone and tried to do what I was assigned as perfectly as possible. I was given a project that was new and outside of my expertise area — driving a phishing training program (this is before phishing testing and training was even a thing outside of banking). I launched it and the HR team didn’t love it — and they told me I would be fired if I ever tried something like that again. I was so embarrassed; it was the first time I had ever made a mistake that big. I also learned A LOT. I learned how important it was to communicate and bring people along. I learned the most in the mistakes I made in my career, and I became more resilient as well, which drove more innovation. My advice is to take informed risks and don’t try to be perfect. You learn the most from mistakes and failures and they make the successes that much sweeter.

Q: What’s one thing you’ve learned from a mentee?

A: Impatience can be a good thing. Some of the college new grads I mentor just blow my mind — they want to learn and move quickly and get exposure to as much as they can. They are not okay with the status quo and want to drive change. I love that they don’t let anything stop them, it gives me energy and inspires me every time I get a chance to meet with them. 

Q: Do you have a mentor or role model who you look up to in the industry?

A: There are so many it would be hard to pick just one. A few active mentors, role models, sponsors of mine include Mark McLaughlin, Lucas Moody, and the entire ForgeRock board that I had the honor to work with. These folks have had so much impact on my career. They’ve provided very real (good and tough) feedback and advice, and they have been my biggest champions — I’m inspired by them all. There are more — and I’m grateful for all of them.

Q: If you could give yourself one piece of advice when you were first starting your career, what would it be?

A: Learning from mistakes and failures is going to shape your successes and how you innovate and lead. I was so scared of making mistakes early in my career that I tried to stay within my lane and comfort zone. It’s only when I was given the opportunity to do something challenging and new that I made mistakes that I learned from. I became less scared after realizing that the consequences for making mistakes and failing were not so severe if you learned from them and that innovation only happens when you fail. I like taking risks and I love encouraging others to do so as well — it has shaped me in the way I am and the way I lead today.

Q: Are you part of any groups or associations that you would recommend for other women in tech?

A: There are so many amazing women in tech groups out there depending on what you’re looking for. It has changed for me over the years — I started with the Society of Women Engineers and later found women to network with at RSA. Then I got involved with the Executive Women’s Forum, which is such a great place for women in cybersecurity and technology. Women in Cybersecurity, the Forte Group, and Women Cyberjutsu are a few other fantastic groups specific to women in cybersecurity. I also enjoy being in women-focused CISO groups and Slack channels. Thank you to all the women who created these forums for women in tech to network, learn, and to create opportunities for each other.

Q: What's one book that every cybersecurity professional should read?

A: The book that inspired me and got me my first job in cybersecurity: “Introduction to Computer Security” by Matt Bishop. That was the textbook for an elective I took in my computer science engineering program at UC Davis.

Q: What do you hope to see happen in cybersecurity in the next 10 years?

It would be amazing if cybersecurity was in the DNA of every innovation and everything that is being built.

 

 

I hope sooner than 2034, every cybersecurity team has at least 50% women representation. Finally, I hope to see a lot more CISOs and security leaders on boards of companies.

Q: What impact do you hope to have on the next generation of women in cybersecurity?

A: The number of women in different types of cybersecurity roles has been increasing and it is amazing to see this diversity. I hope every girl and every woman can see cybersecurity as a career path, because the industry will need a variety of expertise and backgrounds to tackle the challenges that lie ahead. When the women in cybersecurity represent the diversity in the world, our impact will have been made.

Q: Can you share a fun or interesting fact about yourself that people might be surprised to learn?

A: I love to crochet blankets! This shocked my team recently — some were surprised I could sit still long enough to do this. 

Q: Which three emojis would you choose to describe the life of a woman in cybersecurity?

🤝🏽 👠 👩🏽‍💻

Q: What organization would you like to “pay it forward” to with your Secured by Women donation?

A: Forte Group. They are paving the way for a future in cybersecurity that is diverse — focused on providing opportunities for women in cybersecurity. 

Celebrate women in cybersecurity with us

Secured by Women is a loud and proud statement that we believe in the power and potential of women in this field. We’re here to share their stories, celebrate their achievements, and inspire the next wave of talent. 

Follow us on LinkedIn to learn more about our Changemakers in Cyber and stay tuned for more exciting events and news this Women’s History Month! 

Rinki Sethi is currently the Vice President and Chief Information Security Officer at BILL, where she is leading the global information technology functions and is also responsible for leading efforts to protect BILL’s information and technology assets and advise the company’s continued innovations in the security space. Rinki brings decades of security and technology leadership expertise and was recently VP & CISO at Twitter and Rubrik Inc. Rinki has been at the forefront of developing cutting edge online security infrastructure at several Fortune 500 companies such as IBM, Palo Alto Networks, Intuit, eBay, Walmart.com, and PG&E. Rinki also served on the board of ForgeRock, a public company in the identity and access management space prior to their acquisition by Thoma Bravo and currently serves on the board of Vaultree, a data encryption company. 

Rinki holds several recognized security certifications and has a B.S. in Computer Science Engineering from UC Davis and an M.S. in Information Security from Capella University. Rinki has served on the development team for the ISACA book, “Creating a Culture of Security” by Stephen Ross and was the recipient of the “One to Watch” Award with CSO Magazine & Executive Women’s Forum in 2014 and more recently the Senior Information Security Practitioner Award with ISC2 in 2018. She led an initiative to develop the first set of national cybersecurity badges and curriculum for the Girl Scouts of the USA. Rinki serves as a mentor for many students and professionals. She advises many startups in the cybersecurity industry.