Conversation
Highlights

When Operational Expertise Beats Technical Superiority: Lessons from Shush’s First 18 Months

In December 2023, Eddie DeCurtis sat down to write something he’d never written in 30 years of building wireless networks: a startup thesis. Not because he lacked ideas—he’d helped pioneer intercarrier SMS and run mobile identity operations across continents—but because this time felt different.

He’d spent the previous year traveling the world as a regional CEO, meeting with mobile network operators who all told him the same story. As Eddie recalls: “They’re all saying the same thing. We want to do it. We have no idea how to do it. Oh, by the way, did I tell you, we have no money and we don’t have a platform.”

In a recent episode of Category Visionaries, Eddie, Co-Founder and CEO of Shush Inc., shared how recognizing that pattern—and understanding why it existed—became the foundation for a network authentication platform that would grow from three people to 30 employees in 18 months.

The Market Math That Everyone Else Missed

The numbers were stark. Roughly 1,000 mobile network operators exist globally. Only 33 had launched authentication services to protect customers from SIM swaps, phishing, and fraud. Eddie saw what others didn’t: the remaining 967 operators weren’t ignoring the opportunity—they were paralyzed by it.

“There are 1,000 mobile network operators out there,” Eddie explains. “And unlike the United States, there’s usually like three or four in a particular market. In the US there’s over 60.”

These operators had spent billions on 5G infrastructure. They understood that authentication services represented a significant new revenue stream. They knew their customers faced mounting fraud losses. But they lacked three critical components: capital to build platforms, internal expertise to navigate regulatory frameworks, and operational knowledge to actually run an authentication business unit.

Eddie’s previous employer didn’t see the opportunity the same way. So in December, he left to pursue it himself.

Choosing the Validator Who’d Most Likely Kill the Idea

Most founders validate ideas with friendly audiences—mentors who want to encourage, investors looking for deals, other entrepreneurs building in adjacent spaces. Eddie took the opposite approach.

He identified John Donovan, former CEO of AT&T Communications, as his target validator. Eddie had worked for John at VeriSign and knew his reputation. “This guy sits on the board of like Lockheed and Palo Alto Networks,” Eddie says. “This is a serious guy. He’s going to be rough, he’s going to be tough. He’s going totally ask the really hard questions.”

Donovan gave him an hour. Eddie presented his entire thesis. The response was unambiguous: “Go raise $40 million and own this space. Because you’re not going to be alone for the work. This is a great idea.”

That validation mattered precisely because it came from someone with zero incentive to be encouraging. For infrastructure founders selling into complex, regulated markets, this strategy compresses what might take months of customer discovery into a single high-stakes conversation with someone who’s actually run the buyer organization.

Selling Before Building

Before Shush incorporated in February 2024, Eddie had already secured a proof of concept with a major operator. His pitch materials consisted of decades of domain expertise and a PowerPoint deck.

“I had nothing. I didn’t have software,” Eddie explains. “We had an idea, we had a PowerPoint presentation. And I lined up like a POC with a very large operator, which really kickstarted the whole company.”

This approach only works when you’ve built the pattern recognition to speak directly to buyer pain. Eddie could walk into operator meetings and immediately address not just technology questions, but pricing models, regulatory frameworks, and internal stakeholder dynamics across legal, privacy, and compliance teams.

The company incorporated, then launched at Mobile World Congress in Barcelona. Eddie’s total budget: a $75-per-night Airbnb and airline miles.

The Hire That Eliminated All Credibility Questions

Eddie’s next move addressed what could have been Shush’s biggest vulnerability: operators might trust his vision but question whether a startup could actually deliver what tier-one carriers like T-Mobile and AT&T had spent years building.

He cold-called John Morrowton, who had “built this actual product and service offering at T-Mobile USA, from its inception to its execution and ran it for four years.”

Eddie’s pitch was direct: “I called him up, I said, hey, I’m Eddie DeCurtis, how are you? You want a job? You’re Chief Product Officer.”

Morrowton joined. The impact was immediate. Operators who might have been skeptical suddenly saw someone they’d worked with before—someone who’d already operationalized authentication services at scale. In infrastructure sales, hiring executives from reference customers eliminates “can you actually do this” objections before they surface.

Where Better-Funded Competitors Failed

As Shush started competing for operator deals, a clear pattern emerged. Competitors could demonstrate technology platforms. They could show API documentation and integration guides. But they couldn’t answer the operational questions that actually determined whether operators would buy.

Eddie describes a typical competitive scenario: “I was sitting there talking to a mobile network operator and I said what’s the privacy rules? What’s the privacy rules for this market to share CPNI data to a third party for the conventional thought. And they looked at me and they said, I have no idea. And I went, well, here’s the rules for your country.”

This became Shush’s competitive moat. Eddie’s core insight: “Anybody can come up with the technology. You walk down the street in the Bay Area, 10 developers will develop it for you.”

The real differentiation lived in operational knowledge—understanding regulatory frameworks by jurisdiction, knowing how to price SIM swap detection APIs, navigating privacy and legal teams inside operators. Eddie frames this as a three-legged stool: technology, network integration, and business operations. “Any of those legs are missing, it falls over. And the most important part of it is business operations. How do you price it? What’s my regulatory rules, what’s my legal rules, what’s my privacy rules?”

Turning Architecture Into Sales Velocity

Mobile operators run highly secure networks with limited external access points. Most authentication platforms require complex integrations across dozens of network elements—a deployment nightmare that slows sales cycles and increases implementation risk.

Shush took a different approach. “We narrowed it down to three network elements that we can communicate with to provide all 47 APIs,” Eddie explains. “So we make it super simple.”

That architectural decision became a sales story. Fewer integration points meant faster deployment, lower implementation risk, and reduced IT overhead for operators. An engineering decision transformed into a go-to-market advantage.

The Principle Behind the Tactics

The lesson from Shush’s first 18 months isn’t simply “validate with executives” or “hire from reference customers.” It’s deeper: in regulated infrastructure markets where technology commoditizes quickly, operational knowledge becomes the sustainable differentiator.

Eddie identified buyers with sophisticated needs but constrained execution capacity. Operators wanted authentication services but lacked the expertise to deploy them. That gap between ambition and capability created perfect conditions for a full-stack solution that delivered not just technology, but the entire operational framework to actually run the business.

Today, Shush supports 47 network APIs, is fully GSMA Open Gateway compliant, and was the first platform to support the TS.43 GBA AKA authentication standard. The company went from three employees to nearly 30 in 18 months—not because they built better technology than competitors, but because they built the operational infrastructure that made the technology actually deployable.