For ISC2 Candidate Yaamini Mohan, cybersecurity is more than just a career. It’s about continuous learning, defending against real world threats, giving back to the community and helping create an industry where more people – especially women – feel supported, heard and empowered.
Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.
My journey into cybersecurity started earlier than I realized it would. During my undergraduate studies, I took a course in cryptography and that was the moment I got hooked. There was something fascinating about how mathematics, logic and security came together to protect information. That class pushed me to explore cybersecurity more seriously, which eventually led me to pursue a master’s degree in cybersecurity at Johns Hopkins University. Once I stepped into the field, there was no turning back.
I’ve been in the industry ever since, kept in place by a combination of passion and community. I genuinely love the thrill of defending against attacks, staying one step ahead of adversaries and constantly keeping myself updated as the threat landscape evolves. Cybersecurity is a field where learning never stops and that is something I deeply enjoy.
Just as important has been the community. Early in my career, I joined organizations like ISC2, WiCyS and RSA. The support, energy and sense of belonging I found in these communities has played a huge role in shaping my journey and keeping me in the industry.
My Workplace Experience
The reality of being a woman in cybersecurity was surprisingly different from what I initially expected. When I started, my impression was that women constantly had to fight with men to create a place for themselves. Challenges exist; there have been times, for example, when I felt like I needed to go the extra mile or be louder to be heard. Those moments can be exhausting, but they also taught me the importance of advocating for myself and not downplaying my work.
Over time, my perception completely changed. Today, I can confidently say that men have been some of my biggest supporters and cheerleaders. I’ve been fortunate to work with peers who encouraged me, supported me and have remained close friends. The belief that women are alone in this industry is one of the most misunderstood aspects of cybersecurity.
I’ve also seen positive changes in inclusion and workplace culture over the years. There’s still work to do, but the progress is real. I see more women in leadership roles and hear more intentional conversations around equity and representation. Strong, women-focused communities have also played a major role in driving this change. I don’t believe that any of these changes have happened by accident; they are the result of consistent effort by people who care deeply about making this industry better.
What to Do, What to Avoid
For women who are trying to progress in the cybersecurity industry, here is my shortlist of dos and don’ts that will make the biggest difference to you. Do talk about your work, do be your own biggest supporter. Give back to the community, too; doing this helps build soft skills, grow your network and make your contributions visible. But don’t be afraid to speak up or ask questions, because those small actions can truly be game changers.
I strongly believe that respect matters, especially from leaders and senior professionals; demeaning people does not help them grow and only makes imposter syndrome worse. The kind of support that has made the biggest difference in my career has been kindness and honesty. I’ve been lucky to have mentors, peers and leaders who were kind, honest and supportive, which has had a meaningful impact on my confidence and career growth.
If I tried to list all the technical skills that matter in cybersecurity, it would be a never-ending, constantly changing list. I’ve worked across network security, cloud security and now AI security. Each phase of my career has required learning a new technical model. One skill that is becoming especially important today is understanding how modern phishing attacks work. These attacks are becoming more advanced, more targeted and, increasingly, powered by AI. The better I understand how attackers use these techniques, the better I’m prepared to defend against them.
My career advice is simple: lean into the technical side and stay curious. Cybersecurity is a vast field with many different paths, but if you take the time to understand how attacks really work, you can build valuable skills quickly. Technology will keep evolving and attackers will keep adapting, especially with AI. That’s why curiosity, confidence and willingness to learn matter so much. You don’t need to know everything on day one – but you do need to be willing to dig into how modern threats operate and how to stop them.
Yaamini Barathi Mohan has 10 years of experience in phishing defense, cloud security, vulnerability management, ethical hacking and AI security. She has held technical, leadership and community roles, with responsibility for defending against phishing attacks, penetration testing, threat intelligence, security automation and mentoring. Her cybersecurity work spans AI-powered security, public speaking, inclusion advocacy and innovation leadership. At the time of writing, she is studying for ISC2’s CC certification.
