Kaspersky finds IT security employees spend five hours of working week on hobbies
Woburn, MA – February17, 2021 – According to a new Kasperskysurvey, as much as 84% of IT Security staff engage in leisure activities during working hours. Typically, these hobbies account for five hours a week, which is an hour more than staff across the company overall. The inferred reason for these breaks is thought to be to find a distraction from high workloads, which was also cited as the most common reason to leave a cybersecurity job.
Cybersecurity can involve routine and repetitive tasks, which affects both productivity and motivation to work. A shift to remote work has further blurred the lines between working and personal time, and this combination of factors can lead to situations where employees are often distracted from work.
Kaspersky’s report surveyed more than 5,200 IT and cybersecurity practitioners globally. According to the research, among the most common activities IT security staff participated in at work included reading the news (37%), watching videos on YouTube (36%), and watching films or TV series (33%). Nearly a third of the respondents managed to do physical exercise (28%) and read professional literature (27%).
Pic. 1 Types of hobbies IT security employees take during working hours
Additionally, almost half (46%) of IT security employees believe that their colleagues left a job because of these high workloads, and 41% of employees across all departments shared this opinion. This may seem contradictory, with so much working time being spent on leisure activities, but 46% actually explained their distractions from work were due to a need for a break between tasks, rather than because of boredom or a lack of work.
“I don’t think that it’s an issue that employees are distracted from work,” comments Andrey Evdokimov, head of information security at Kaspersky. “There should be control over task performance, not how many working hours are spent on a hobby. Also, it may be normal for people to watch videos, as it may give insights into how to solve a problem. All in all, if work is not interesting for someone and there is a lack of task management, an employee will find a way to do something different, even from the office.”
“Employees should have goals, KPIs, objectives and metrics that characterize the quality and speed of their work,” agrees Sergey Soldatov, head of security operations center at Kaspersky. “If performance is not affected, there is no problem with the fact that a person is distracted from work. If efficiency has fallen or differs from colleagues, it should be paid attention to. The aim of the manager is to inform employees about poor productivity as early as possible so they can find ways to solve the issue.”
Kaspersky experts responsible for IT security and SOC share the following recommendations on how to best manage IT security teams:
- Ensure that your company is fully equipped with IT security staff. Optimal numbers can be estimated as one cybersecurity employee for every 10 IT professionals;
- For round the clock SOC operation, there should be at least five employees responsible for monitoring. Organize shift work to avoid overworking;
- Outsource typical IT security tasks. It grants in-house employees more time to focus on company-specific requirements and the protection of legacy IT infrastructure;
- Ensure that you give employees different, non-standard tasks so they are not stuck in a rut and can develop their skills.
The full report and more advice on team management are available via this link.
About the survey
The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) interviewed a total of 5,266 IT business decision-makers across 31 countries in June 2020. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
 Median value was used. The median is the middle point value, separating the higher half from the lower half of a data sample. This method was chosen to depict a typical routine, as the average number was heavily affected by the small sample who spent much working time on their hobbies