Fighting Cyber Risk: The Inception of Axio

What lies at the crux of cybersecurity? Unpredictability, says Axio CEO and Founder Scott Kannry. Built In sat down with him to learn more.

Written by Jenny Lyons-Cunha
Published on Jun. 08, 2023
Large group photo of Axio team members
Axio
Brand Studio Logo

“Part of recognizing risk is appreciating the fact that, despite your best efforts, something bad can still happen.” 

For Axio CEO Scott Kannry, this is the crux of understanding cybersecurity. 

“For example, someone can walk by your building, fall down and break their leg and sue you,” said Kannry. “Bad things happen. Cyber risk is no different.” 

The burgeoning and prolific nature of cybersecurity is what inspired Kannry and Co-Founder David White to launch Axio. Between the two of them, the founders strike a perfect balance. 

“Dave’s methodologies were technical playbooks that helped security leaders understand what protective technologies to deploy, while my job was to sell cyber insurance contracts that would help companies recover from losses,” said Kannry. “When we first met, we realized that we had opposite ends of the spectrum when it came to approaching cybersecurity.”

The pair found themselves asking a formative question: Where should a company spend its last dollar?

“Do they give it to the security leader to buy more technology, or do they give it to the risk manager to buy a cyber insurance policy?” said Kannry. “We started Axio based on this question and the idea that companies needed a better way to understand and manage their cybersecurity risks.” 

Built In sat down with Kannry to learn more about the impact he hopes Axio will have on the world of cybersecurity — and how it all started. 

 

WHAT AXIO DOES

Since I’m a hockey fan, that’s my preferred analogy. I feel like we’re barely halfway through the first period, and up 1 to 0 — but there’s still most of the game left to play. In the next few years, there will be a threshold moment for the cybersecurity industry. Whether it’s economically driven or just because of regulations, like the SEC cybersecurity regulations that are supposed to come out, there’s plenty of opportunity to keep chipping away at that problem.

 

Axio helps security and business leaders protect what matters most to their business. Axio is building a next-generation cyber risk platform that empowers security and business leaders to make more informed decisions about their cybersecurity programs.
 

 Portrait photo of Axio CEO Scott Kannry
Axio

 

What prompted you to start Axio?

The story of our companies is based on the backgrounds of my co-founder, Dave White, and myself. I spent nearly a decade working in the insurance industry, where my job was to help companies and risk managers understand the risks of cyber exposure and purchase the right cyber insurance policy. Dave, on the other hand, spent around 20 years at the Software Engineering Institute at Carnegie Mellon, leading a team that authored risk-management frameworks and methodologies, which later became cybersecurity frameworks and methodologies.

 

To whom did you look for inspiration early on?

I happened to have had some phenomenal mentors and folks that have inspired me. Our current chairman, Bob Dudley — who was the former group CEO of BP — is one of those people. He’s someone who wants to make a difference in the world, no matter what industry he’s in. 

Going back to the start of my professional career, a handful of people have motivated me to build a skill set that can help solve a problem and make an impact. It takes a lot of grit and time and effort to sit down and write a couple of pages of a cybersecurity framework, but we’re not just doing it to put words on the paper. We’re doing it because, if we do it the right way, we can make an impact. We’re really striving to solve a generational challenge: cyber risk. 
 

“We’re really striving to solve a generational challenge: cyber risk.”

 

What’s next for Axio?

Since I’m a hockey fan, that’s my preferred analogy. I feel like we’re barely halfway through the first period, and up 1 to 0 — but there’s still most of the game left to play. In the next few years, there will be a threshold moment for the cybersecurity industry. Whether it’s economically driven or just because of regulations, like the SEC cybersecurity regulations that are supposed to come out, there’s plenty of opportunity to keep chipping away at that problem. 

 

“In the next few years, there will be a threshold moment for the cybersecurity industry.”

 

There are thousands of capabilities out there, and it’s challenging for security teams and companies to understand where they should place their bets. There’s a major opportunity there. And there’s also the board of directors dynamic that’s about to kick up in a big way: We’ve got some interesting collaborations picking up with the insurance industry. So, halfway through the first period, top of the second inning, — whatever you want to call it — there’s a big runway on the Axio story.

 

Responses have been edited for length and clarity. Images provided by Axio.