Security pros agree: We need to take a break

As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so

Reading the news, watching YouTube videos, bingeing on Netflix, fitting in a workout, playing videogames, doom-scrolling on social media, or catching up on some reading are just some of the things cyber security pros are doing to distract themselves from their intense workloads, but this is not necessarily a bad thing, a report says.

Kaspersky quizzed more than 5,200 IT and security practitioners to compile its report titled Managing your IT security team, and found that up to 85% would happily admit to engaging in leisure activities during the working day, an hour more than staffers in other departments.

Kaspersky said security jobs can often involve quite routine and repetitive tasks which can affect both productivity and motivation – particularly for those forced to work from home, where the lines between personal and work time become even more blurred.

Many respondents said they distracted themselves for a little while as a good way of breaking up the day in between tasks, rather than out of boredom or having nothing to do.

“I don’t think that it’s an issue that employees are distracted from work. There should be control over task performance, not how many working hours are spent on a hobby,” said Kaspersky head of information security, Andrey Evdokimov.

“Also, it may be normal for people to watch videos, as it may give insights into how to solve a problem. All in all, if work is not interesting for someone and there is a lack of task management, an employee will find a way to do something different, even from the office.”

“Employees should have goals, KPIs [key performance indicators], objectives and metrics that characterise the quality and speed of their work. If performance is not affected, there are no problems with the fact that a person is distracted from work,” added Sergey Soldatov, Kaspersky security operations centre (SOC) head.

“If efficiency has fallen or differs from colleagues, it should be paid attention to. The aim of the manager is to inform employees about poor productivity as early as possible so they can find ways to solve the issue.”

There are a number of ways in which organisations can better support their cyber security teams, beginning with ensuring a full complement of dedicated security staff (Kaspersky recommends one for every 10 members of the wider IT team) and adequately staffed SOCs, if operated, with five people on duty at any one time and proper rotas in place to avoid overwork.

It is also important to regularly swap security team members around, giving them a variety of different, non-standard tasks so they do not get stuck in a rut. This can also be helpful in terms of diversifying skills bases within the security team.

CIOs and CISOs can also help by pushing for budget to outsource some of the more mundane or typical security tasks, giving in-house employees more time to focus on company-specific requirements and the protection of crown jewels, legacy infrastructure, and so on.
