One aspect examined was the difference between whether the IT team and the cybersecurity team are separate entities or whether the security experts are part of the IT organization as a separate team. Companies with a dedicated cyber security team within a broader IT team achieve the best results in the area of cyber security. This is because cyber security measures are closely linked to IT solutions and an integrated structure increases effectiveness.
The causes and recovery from ransomware attacks also vary depending on the organizational structure. Scenario 1 (separate IT and cybersecurity teams) reported the most frequent ransomware payments and lowest backup usage, while in scenario 2 (integrated cybersecurity team) exploited vulnerabilities and compromised credentials were equally the main causes.