What Exactly Is Talent? Part 1, Cybersecurity Technician Talent

 

The nuts and bolts. The inside-out. Top to bottom. A to Z. The whole enchilada. Your cybersecurity technician may not come in knowing all these but this is the cybersecurity technician's domain.

Cybersecurity technician talent is not dependent on where (or whether) that person went to college, or their MOS in the military, or the factoid that they held this job at a different organization. Sure, those are signs that the person is minimally competent, and yes that counts. But even recruiting at the 'right' elite college won't guarantee you more than that. Because other things count, also. And you/your recruiters are remiss if they don't take these other things into consideration.

What counts beyond minimum competence is talent. We previously discussed the definition of talent offered by Conchie & Dalton: "A measurable, innate characteristic that a person demonstrates consistently in order to achieve high performance. Talents are strictly defined. A person who has a strong measure in a specific talent will perform predictably better in tasks related to that talent."

An easy rubric, especially for organizations that are new to hiring, is this: attaining certifications, having a degree, or cybersecurity experience in the military or at another company, are signs of past behavior; talent is about future behavior.

What are some cybersecurity technician talents?

We at Pythia carried out a study of over 150 10-K filings in 2025 (soon to be updated to 2026), along with reviews of position descriptions across the Internet and in the NIST CSF. We also tapped into our significant experience with talent-based studies from organizations across the world. This review process identified a conceptual model of five clusters that are required for effective performance as a cybersecurity professional: Direction, Drive, Influence, Relationship, and Execution. They are defined as follows:

• Direction – where do you want to lead?
• Drive – what motivates you?
• Influence – how do you shape the beliefs and thoughts of others?
• Relationship – how do you prefer to work with others?
• Execution – how do you shape the work goals of others and self?

All cybersecurity professionals have talents in these areas. The nature of those talents and degree to which there is more in some areas than others depends on the level of employee.

Different organizations are going to value some of these talents more than others. Smaller organizations are probably going to need technicians with a lot of relationship and execution talent; larger organizations are going to need technicians with a lot of drive and influence talent, though they will benefit by hiring for direction also. 

Based on over 100 years of empirical organizational science research, and based on our process to identify these talent elements, we can state affirmatively that all organizations will reduce their cybersecurity hiring risk by hiring for these talents.

In the NIST CSF 'response to AI' framework, we see cybersecurity technicians filling the "secure" part of the cybersecurity process. A technician's contribution is not at the counter-cyberattack/systems integrity maintenance level ("thwart") or the executive risk management level ("defend").

For a cybersecurity technician role, a talent-based approach means that you will hire someone who "gets it," wants to engage with your systems and processes, can identify the signal within the noise, and is looking to learn and grow.

Question 1: Did you have other goals for this person?

Question 2: Can you manage that person's performance?

We'll have posts later on ways we measure these talents, and how they differ from competencies. Also, we will post about cybersecurity manager talent and cybersecurity executive talent.

Ask us how we can help you clarify the talent you need at any level of your cybersecurity function.

(photo credit to Anilú Pérez 28 - Own work, CC BY-SA 4.0,  ttps://commons.wikimedia.org/w/index.php?curid=90424153)