Priya Patel
TLDR:
Key Points:
- Organizational structure can impact ransomware outcomes
- Organizations with dedicated cybersecurity teams within the IT structure have better outcomes
Summary:
The impact of organizational structure on ransomware outcomes was explored in a report commissioned by Sophos. The report surveyed 3,000 IT and cybersecurity professionals from organizations with 100 to 5,000 employees across 14 countries. It evaluated three main organizational models: separate IT and cybersecurity teams, cybersecurity team within IT, and no dedicated cybersecurity team with IT managing security.
The report found that organizations with a dedicated cybersecurity team within the IT structure (Model 2) had better overall cybersecurity outcomes compared to organizations with separate IT and cybersecurity teams (Model 1). Model 2 organizations were more successful in recovering from ransomware attacks using backups, paying lower ransom amounts, and experiencing less business impact. This integrated structure facilitated better collaboration, shared responsibilities, and a unified approach to security best practices.
While all organizational models faced challenges in core security operations tasks like threat detection and remediation, the report highlighted the importance of coordination and alignment in implementing preventive security controls. Interestingly, organizations without a dedicated cybersecurity team (Model 3) had the fewest ransomware attacks, possibly due to their smaller size and IT footprint, making them less of a target for threat actors.
Overall, the findings suggest that the structure of security teams within an organization can significantly impact ransomware outcomes, with integrated cybersecurity teams within IT structures showing more resilience and better outcomes.
