Mixing work and play might be a good thing if it breaks up the monotony of security monitoring, according to Kaspersky. The company’s survey about IT security economics found that 85% of workers spend up to five hours a week reading the news, watching TV shows, or even exercising.
Security teams spend hours combing through alerts to spot potential attacks on company networks. Boredom and alert fatigue are serious problems for security teams. The Kaspersky survey revealed how security team members combat this. Forty-six percent of survey respondents said they spent time on non-work activities to take a break between tasks, not because of boredom or a lack of work.
Some of the extracurricular activities were work-related but a few were purely recreational:
- Reading articles and news 42%
- Watching videos on YouTube 37%
- Watching movies or TV shows 34%
- Reading professional articles or research33%
- Scrolling social media feeds 32%
- Physical activity 31%
- Reading books 29%
- Playing video games 29%
- Listening to podcasts 21%
- Playing board games 13%
It’s easy to understand why security experts need a break between tasks when you look at what they are responsible for: Evaluating and testing security software, configuring that software, installing it and upgrading it, enforcing user policies, and incident monitoring, investigations, and response.
The Kaspersky survey found that turnover on security teams increased 45% over the past year. The survey report identifies a vicious cycle in turnover: An increase in turnover adds extra strain to existing employee workloads, which is what drives turnover in the first place. Burnout is a significant problem for security teams and these non-work distractions could be one way to ease the daily stress levels.
Andrey Evdokimov, head of information security at Kaspersky, said in a press release that he doesn’t see a problem with these survey results.
“There should be control over task performance, not how many working hours are spent on a hobby,” he said. “Also, it may be normal for people to watch videos, as it may give insights into how to solve a problem.
He also said it’s a manager’s job to track employee tasks and to ensure that there is variety and a mix of routine and more challenging tasks.
SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
Sergey Soldatov, head of security operations center at Kaspersky, said in a press release that managers should monitor how well employees hit key performance indicators that measure the quality and speed of their work, not how much time they spend watching YouTube or reading.
“If performance is not affected, there is no problem with the fact that a person is distracted from work,” he said. “If efficiency has fallen or differs from colleagues, it should be paid attention to.”
Kaspersky experts follow these guidelines to manage IT security teams:
- Ensure that the IT security team is big enough with the benchmark of one cybersecurity employee for every 10 IT professionals.
- Organize SOC shifts to avoid overworking and have at least five employees per shift responsible for monitoring.
- Outsource standard IT security tasks to give in-house employees more time to focus on company-specific requirements and the protection of legacy IT infrastructure.
- Make sure employees have a variety of tasks so they are not stuck in a rut and have opportunities to learn.
The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) interviewed a total of 5,266 IT business decision-makers across 31 countries in June 2020. Respondents were asked about the state of IT security within their organizations, the types of threats they face, and the costs they have to deal with when recovering from attacks. Kaspersky released four reports based on this survey. This section is the final report.