top of page

Apricorn 2024 Cybersecurity Outlook: AI-Driven Ransomware on Rise and the Imperative for Data Management in Security


Kurt Markley, Managing Director, North America for Apricorn

Cyber Resilience Prediction

The rapid growth of AI is helping bad actors more quickly create and deploy ransomware tools across a host of industries. It’s been reported that generative AI has helped to double ransomware attacks against industries such as healthcare, municipalities and education between August 2022 and July 2023. Also concerning is the rate at which organizations choose to pay a ransom in order to secure their data. One research report shows that nearly half of respondents have a security policy in place to pay a ransom, with 45% admitting that bad actors still exposed their data even after paying the ransom.

Ransomware isn’t a threat; in many instances it’s an inevitability. No data is too low-value and no organization is too small. The alarmingly high rate of paying a ransom and still having data exposed means that IT leaders have to take back control and put practices in place to protect their data and save their capital budget. It means that IT leaders can’t afford to slack off regarding cyber resilience.

While almost all IT leaders say they factor in data backups as part of their cyber security strategies, research we conducted earlier this year found that only one in four follow a best practice called the 3-2-1 rule, in which they keep three copies of data on two different formats, one of which is stored offsite and encrypted. Furthermore, this same research found that more than half of respondents kept their backups for 120 days or less, far shorter than the average 287 days it takes to detect a breach.

The likelihood that AI-driven ransomware will impact far-higher numbers of organizations, it will be more important than ever in 2024 that organizations have a strong cyber resiliency plan in place that relies on two things: encryption of data and storage of it for an appropriate amount of time. IT leaders need to embrace the 3-2-1 rule and must encrypt their own data before bad actors steal it and encrypt it against them.

Data Management Within Security Policy

Data is no longer a byproduct of what an organization’s users create; it is the most valuable asset organizations have. Businesses, agencies and organizations have invested billions of dollars over the past decade to move their data assets to the cloud; the demand is so high that Gartner expects that public-cloud end user spending will reach $600B this year. These organizations made the move to the cloud, at least in part, because of a perception that the cloud was more secure than traditional on-prem options.

It's estimated that 30% of cloud data assets contain sensitive information. All that data makes the cloud a juicy target and we expect that 2024 will continue to show that bad actors are cunning, clever and hard-working when it comes to pursuing data. The industry has seen triple the number of hacking groups attacking the cloud, with high-profile successes against VMware servers and the U.S. Pentagon taking place this year.

As IT teams spend more on moving and storing data in the cloud, organizations must spend the next 12 – 24 months auditing, categorizing and storing it accordingly. They need to gain deeper visibility into what data they have stored in the cloud, how data relates to each other, and if it is still meaningful to the operations of the organization. In doing so, they are advised to create specific security policies about how, where and for how long they store their data. These policies, when actively enforced, will help organizations better protect their most valuable asset – their data.


bottom of page