Conversation
Highlights

From Product to Privacy: How Hush is Redefining Enterprise Security Through Human Protection

“Failure is not an option.” These words guided Mykolas through the dot-com crash and continue to shape his approach to building Hush, a privacy company taking an unconventional approach to enterprise security. While most cybersecurity companies focus on building better walls, Hush focuses on removing the target altogether.

In a recent episode of Category Visionaries, Mykolas shared how his team is fundamentally reshaping enterprise security by focusing on what he calls “the soft underbelly” – the human element that sophisticated hackers increasingly exploit.

Finding the Right Market Signal

The genesis of Hush came from a pattern Mykolas observed during his time at Wealth X and Equifax: the growing sophistication of social engineering attacks. “The criminals know this as well. And so they’ve taken the easy route, right? They go after the humans who are the soft underbelly of any cybersecurity strategy,” Mykolas explains.

This insight led to a crucial realization: while billions were being spent on cybersecurity tools, the human element remained vulnerable. The solution wasn’t another security tool – it was making it harder for attackers to gather intelligence about potential targets in the first place.

Reframing the Value Proposition

Rather than positioning Hush as yet another security tool, Mykolas approached the market differently. “We talk about the carrot and the carrot, if you will. Yes, this benefits the company, but the most likely risk that an employee is going to face is identity theft,” he explains.

This dual-benefit approach – protecting both the company and the individual – has proven particularly effective in driving adoption. Instead of being “yet another thing pushed down from IT,” Hush positions itself as a personal benefit that happens to have enterprise value.

Building Trust in a Skeptical Market

Selling to security leaders presents unique challenges. As Mykolas notes, “CISOs and corporate security leaders are both very skeptical communities. They’ve seen a lot. They don’t believe a lot of vendor pitches.”

To overcome this skepticism, Hush takes an “outside-in” approach: “We often talk about our diagnostic… if we’re a threat actor and say, look, here’s all the information about your employees. Here are the vulnerabilities.” This demonstration of real vulnerabilities, what Mykolas calls “golden nuggets,” often changes the conversation entirely.

The Power of Referral-Driven Growth

Hush’s go-to-market strategy leans heavily on referrals within the security community. “When things go sideways, when a leader is threatened, when they’ve had an incident, that’s when they message one another, right? That’s when they pick up the phone and call each other as peers industry.”

This approach has driven impressive results – the company doubled revenue quarter over quarter and maintains a 92 NPS score, which Mykolas notes is “shockingly high” considering “Apple in the seventies.”

Playing the Long Game

Rather than pushing for immediate sales, Hush takes a patient approach to market development. “We often say you may not need us now, but almost guaranteed, in 18 months or twelve months or six months, you’ll probably want to give us a call back,” Mykolas explains.

This long-term perspective extends to the company’s vision. While starting with enterprise security, Mykolas sees a broader opportunity to reshape privacy expectations: “I would love, and our company would love to see the nature of privacy change, not only in the US, but also globally.”

The goal is ambitious but clear: protect 20% of the American workforce within 3-5 years. It’s a vision that extends beyond just enterprise security to address fundamental questions about privacy in an increasingly connected world.

For founders navigating their own go-to-market challenges, Hush’s approach offers valuable lessons in market timing, value proposition framing, and the power of patience in building category-defining companies.