How Hush Built Trust with the Most Skeptical Buyers in Tech: A GTM Playbook for Selling to CISOs
CISOs get pitched fifty new security solutions every week. Each vendor claims to solve critical problems. Each promises unprecedented protection. And each faces the same wall of skepticism from security leaders who’ve heard it all before.
In a recent episode of Category Visionaries, Mykolas Rambus, founder of privacy company Hush, revealed how they broke through this skepticism to achieve rapid growth, including doubling revenue quarter over quarter. Their approach upends conventional enterprise security sales playbooks.
Start with Proof, Not Promises
“CISOs and corporate security leaders are both very skeptical communities. They’ve seen a lot. They don’t believe a lot of vendor pitches,” Mykolas explains. Rather than fighting this skepticism, Hush weaponizes it.
Their sales conversations begin with what Mykolas calls their “diagnostic” approach: “We often talk about our diagnostic… if we’re a threat actor and say, look, here’s all the information about your employees. Here are the vulnerabilities.”
This outside-in approach immediately demonstrates value rather than promising it. But the real power comes from what Mykolas calls “golden nuggets” – surprising vulnerabilities that change the conversation: “It’s the fact that they thought that their CEO was locked down. And turns out that the CEO’s dogs account on Instagram is where all of the information about their life, their movements, their family vacations is leaking from.”
Build Trust Through Networks
Rather than relying on traditional marketing channels, Hush recognized that security leaders operate in tight-knit networks. “When things go sideways, when a leader is threatened, when they’ve had an incident, that’s when they message one another, right? That’s when they pick up the phone and call each other as peers industry,” Mykolas notes.
This insight shaped their entire go-to-market strategy. Instead of pushing for immediate sales, they focus on being “known to that community” and maintaining high responsiveness when incidents occur.
Frame the Problem Differently
While most security vendors focus on tools and technology, Hush reframes the conversation around human vulnerability. As Mykolas explains: “The criminals know this as well. And so they’ve taken the easy route, right? They go after the humans who are the soft underbelly of any cybersecurity strategy.”
This reframing extends to how they position their solution within organizations. Rather than being “yet another thing pushed down from IT,” they emphasize dual benefits: “We talk about the carrot and the carrot, if you will. Yes, this benefits the company, but the most likely risk that an employee is going to face is identity theft.”
Play the Long Game
Perhaps most importantly, Hush recognized that trust can’t be rushed. “We often say you may not need us now, but almost guaranteed, in 18 months or twelve months or six months, you’ll probably want to give us a call back,” Mykolas shares.
This patient approach has paid off. The company maintains a 92 NPS score, which Mykolas notes is “shockingly high” considering “Apple in the seventies.” By focusing on building trust rather than closing deals, they’ve created a foundation for sustainable growth.
For founders targeting enterprise security buyers, Hush’s approach offers a crucial lesson: in a market defined by skepticism, trust isn’t earned through better pitches – it’s earned through better proof.