[Woodi]

If you are only one with IT knowledge there it is already your responsibility - in case of ransomware or some disaster you can be hold responsible. Of course all depends on your contract, potential loses, managers mood and managers need to cover their asses.

Good news: looks like your position makes you kind of manager yourself - you, to some degree, can influence and even demand things. And for sure your responsibility is to communicate state of business to the upper chain.

Or maybe just make critical systems off the internets :>