Most IT security staff were pursuing their hobbies during work hours, spending up to six hours a week on them, a report found.
The ‘Managing your IT security team’ report by cybersecurity firm Kaspersky found that 85% of such staff were engaged in activities like reading the news (42%), watching YouTube (37%) and watching films or TV shows (34%).
Some also turned to self improvement, doing physical exercise (31%) and reading professional literature (33%). The findings showed the six hours a week spent on hobbies was about an hour more than staff across the company overall.
The report also noted that cybersecurity can often involve repetitive tasks, which affects employees’ productivity and motivation to work. This is made worse with remote work, which further blurs the lines between working and personal time.
Kaspersky Information Security head Andrey Evdokimov said if work was not interesting and there was a lack of task management, employees would find a way to do something different, even from the office.
“I don’t think it’s an issue that an employee is distracted when working remotely. The workday has become longer, so people really need a break. There should be control over task performance, not how many working hours are spent on a hobby. Also, it may be normal for people to watch videos, as it may give insights into how to solve a problem,” he said in a press release.
It also found that the reason employees were taking breaks intentionally was as a distraction from high workloads, which was also cited as the most common reason to leave a cybersecurity job.
The report, which surveyed 5,266 IT and cybersecurity practitioners across 31 countries, found that almost half (46%) of IT security employees believe colleagues left a job because of these high workloads, while 41% of employees across other departments also shared this opinion.
This was confirmed by 48% of respondents explaining their distractions were needed as a break between tasks, rather than due to boredom or a lack of work.
Noting that working from home meant some duties and meetings were now scheduled outside the standard 9-to-5 workday, the firm suggested that it was even more important that workers take breaks to remain productive over an extended period.
Other suggestions was that a company employ enough IT security staff, with optimal numbers being one cybersecurity employee for every 10 IT professionals, with at least five working together on security monitoring per shift.