What does it take to build a successful cybersecurity startup in Denmark—and why is it still so hard? At Next Door Security 2025 Aarhus, Geeta Schmidt, General Partner at Seed Capital and former CEO of Humio, took the stage to give a candid look at the venture capital perspective on cybersecurity.
With experience as both founder and investor, Geeta offered unfiltered insights into what holds Danish startups back, how the local ecosystem compares internationally, and what it takes to secure early-stage funding in cyber.
Key Takeaways
Only 3% funding
Denmark receives only 3% of total Europe and the UK’s cybersecurity startup funding.
Local access is challenging
Startups still struggle to access local customers and POCs, often looking abroad instead.
Focus on the product
Venture funding prefers product companies – not consulting-heavy models.
Be where your customers are
Founders should focus time where customers are, not just on startup events.
Cyber Lessons from a Founder Turned VC
Geeta’s perspective is unique. As co-founder and CEO of the cybersecuity business Humio, she built the company from Aarhus into a scalable logging and SIEM platform that eventually exited to CrowdStrike. That journey started outside the cybersecurity world – and ended in one of its most high-profile acquisitions.
We really came into security from the outside in. We spent a lot of time observing how our customers were using things, what integrations they needed, and understanding security from that angle.
Now, as a venture partner, she’s investing in early-stage companies—but with a clear message: local funding is scarce unless startups can prove traction.
Denmark vs. The World: Funding Gaps and Ecosystem Grit
According to data shared from Nordic9, only 3% of security startup funding in Europe and the UK went to Danish companies in recent years.
We left Denmark to find funding. And we looked for customers outside of Denmark. We found companies like Bloomberg and Visa more willing to bet on us than the ones here.
In contrast, Sweden commands 9%, and the UK leads with 25%. Israel, with its strong defense-to-startup pipeline, is now attracting global VCs eager to invest.
Geeta believes Denmark has the right ingredients—talent, universities, government programs—but lacks cohesion. Startups, investors, and customers aren’t working closely enough to build momentum.
The Power (and Pain) of POCs
Much of Geeta’s talk focused on the value of proof-of-concept (POC) customers – not just for funding, but for building the right product.
We want to see that some users are using it. Why can’t that user be next door?”
She emphasized that structured POCs with meaningful feedback are key. Danish enterprises, she suggested, should play a more active role—not just testing products, but helping startups understand what integrations and scale are needed to succeed.
Product First, Not Consulting
A clear point made during the talk was about **venture capital’s preference for product-focused companies**. Security startups often mix consulting and product, but that hybrid doesn’t scale well from a VC perspective.
Venture companies need to be product companies, not consulting companies. In security, you often see a combination, but VCs hesitate with models that rely too heavily on services.
Startups looking for funding should aim to develop scalable, repeatable solutions – not bespoke offerings tied to service hours.
Go Where Your Customers Are
When asked about startup events and building community, Geeta offered a sharp, experience-based tip:
We never went to startup events. We went where our customers were.
She encouraged founders to prioritize customer learning over event attendance. Real market validation doesn’t come from a pitch deck—it comes from someone trying your product and telling you what’s broken (or what they love).
She also advocated for formats like speed-pitching with practitioners, or competitions where winners get a real POC – not just applause.
Conclusion
Geeta Schmidt’s session was a wake-up call – delivered with optimism. Denmark’s cybersecurity startup ecosystem is growing, but still has work to do.
Startups need support from enterprises willing to test and guide early products. Investors like Seed Capital are ready—but want to see real traction and a clear product path.
And above all, founders need to think globally while using the resources *next door*. With leaders like Geeta helping to close the gaps, the Nordic cyber scene may soon punch above its 3%.
The Speaker
General Partner, Seed Capital
Geeta Schmidt is a General Partner at Seed Capital, leading investments in cybersecurity across the Nordics. She was previously CEO and Co-founder of Humio, which scaled from Aarhus to global success and was acquired by CrowdStrike for $400 million, where she later served as VP.
Geeta brings deep operational and investment experience, with a focus on product-led startups. She also serves on the Board of Trifork and advises companies like Heyhack. At Seed Capital, she’s working to strengthen Denmark’s role in the global cybersecurity landscape.
FAQs
What stage does Seed Capital invest in?
Seed Capital invests at the early (post-pre-seed) stage – typically after a startup has some users or customer validation.
Does Seed Capital focus on cybersecurity?
Yes. Geeta Schmidt is leading Seed Capital’s investment focus on cybersecurity startups in the Nordics.
Is a consulting-heavy model a problem for VCs?
Yes. Venture capital typically avoids companies that rely heavily on services. Scalable, product-based models are preferred.
What’s more valuable to a VC—revenue or real user feedback?
For early-stage investments, useful customer feedback (even from unpaid POCs) can be more compelling than early revenue.
Why do Danish cyber startups struggle to get funded?
A lack of local customer validation and limited investor experience in cybersecurity are key factors. More collaboration is needed across startups, enterprises, and funding bodies.