Sethi keenly wrote a program to uninstall the software from her computer, which started a back-and-forth game between Sethi and her father—with the duo reinstalling and uninstalling the tool from her device. 

“I feel like that hacker mindset was always inside me, which is how I found passion in the field,” Sethi tells Fortune. “I had no idea that there was such a thing as cybersecurity, but here we are.”

Sethi went on to pursue an undergraduate degree in computer science engineering from the University of California–Davis before embarking on a nearly 20-year career in cybersecurity. She started out as an information security specialist at Pacific Gas and Electric Co. (PG&E). She later earned her master’s degree in information security—similar to a master’s degree in cybersecurity—and went on to become a cybersecurity leader at the biggest names in the industry including Walmart.com, eBay, Intuit, Palo Alto Networks, IBM, and Rubrik. She was chief information security officer at Twitter for nearly two years before Elon Musk purchased the social media giant in October 2022 for $44 billion.

Sethi now serves as an adviser to several tech companies, and she most recently joined the board of directors for Vaultree, a cybersecurity company focused on data protection and encryption. Joining Vaultree “brought me back to my roots of being very interested in cryptography and always being fascinated by it,” she says.

Fortune sat down with Sethi to learn more about her start in cybersecurity and why industry education is valuable.

The following interview has been edited for brevity and clarity.

Finding her passion for cybersecurity

Fortune: How did you get your start in cybersecurity?

Sethi: I graduated college during a bad time in the economy, so I was just happy and lucky that I got a job and I had no idea what I was getting into. My first role was called an information protection analyst, and I found out later on that that was cybersecurity. 

But my passion really started back when I was in high school. It was when my dad had decided to install a keylogger on my machine because we were using AOL Instant Messenger to chat with our friends back then, and he wanted to know what we were talking about, or if I was talking to boys. I heard him talking to my mom about something I had typed and found that he had installed a keylogger on my machine, and I then wrote a program to uninstall it. I told my sister about it, gave her the program too, and it would detect anytime he tried reinstalling it and then I would uninstall it. So we had this cat and mouse game.

Cybersecurity education

Did you study cybersecurity? Or were your skills self-taught?

When I was in high school, I was very good at math and science and really good with computers. When I was graduating high school, I remember saying that I wanted to become a lawyer. And my dad questioned what my first degree would be because I’m really strong in math and science. 

So I ended up choosing computer science engineering, and I was a very strong developer. But my favorite class in college was a cryptography class. One of my instructors had written one of the first textbooks for colleges around cryptography. 

When I went for my first interview for the job—for the job I ended up getting—the hiring manager had asked me what my favorite class was, and I said, cryptography. And he said that was interesting and that they had a role in that space. That’s how it all came together.

How did you continue to learn more about cybersecurity throughout your career?

I got my first job at Pacific Gas and Electric, and I felt like I was self-learning. There weren’t as many resources as there are today. So I took several courses and then I decided to get my master’s degree in information security. 

I had gotten my certifications in CISSP [certified information systems security professional] and everything that’s out there, but I needed to differentiate myself, and I felt like I really needed to go deep in this space. I got my master’s degree at an online university called Capella Universityand did my master’s degree in information security while I was working. After that, I decided I wanted more of an engineering role. At the time, I had more of like a compliance and audit cybersecurity role.

I took my first security engineering role several years after Walmart.com. Walmart.com was based in the Bay Area and was a wholly owned subsidiary of Walmart, but kind of operated like a startup. We had a very small security team. I helped them build out their security program. There were two of us at the time. I got my hands dirty with a lot of different areas in cyber, and I found my true passion in the field while I was there. 

I learned my interest in cybersecurity education and how to win the hearts and minds of developers to really take security to heart. I questioned how to build security into the DNA of a company’s culture. That’s where my passion was, and that’s where I found my little niche, which was because I was from a developer background. I was able to teach folks in the company and really raise the awareness around cybersecurity. 

What value is there in cybersecurity education?

I think the structured programs help a lot with understanding the industry. There’s so many degrees out there now, so many universities that have degrees on cybersecurity like Carnegie Mellon, NYU, and UC Davis. It gives you what cybersecurity is all about and all, and it gives you an overview of all the domains. 

You may get into cybersecurity and if it’s your first job, you don’t necessarily love what you’re doing, but it’s like that’s maybe one in a 100 roles you could have in the cybersecurity space. I feel like it gives you a good overview of what cybersecurity is all about. Why does it even exist as a field? It teaches you the theory around it.

Unstructured learning is really cool now, too. There’s so many ways to dive deep into cybersecurity in that unstructured way or follow people that are publishing news around cybersecurity. There’s just so many ways to learn now.

On the job, you actually face incidents and you face breaches and you’re in the thick of learning. The added aspect that a job brings is that it’s not just the cybersecurity aspect, but you’re now having to make sure that you’re falling within the business goals and navigating working within leaders. There’s a massive communication aspect to ensuring that security is prioritized in the right way in the business. That’s where the practical experience differs from what you’ve learned in the education that you get.

Advice for prospective cybersecurity workers

What’s your advice for people wanting to enter industry?

I’m very curious. I would push people to be curious, connect to cybersecurity folks that are out there. Don’t be afraid to reach out. I think we’re all hungry to get more folks in. There’s a lot of education that exists, so get your hands dirty and learn and practice. There’s this whole new area of digital trust that’s appearing and I think a lot of new innovation is happening in this space. It’s going to be important to think about it broadly in that way. 

I’m excited for the next generation of cybersecurity leaders. We need more cybersecurity practitioners and leaders in the field, so the more the merrier. Reach out to us, there’s lots of roles available.