Hiring a chief information security officer (CISO) is a tricky process. The job title is in the limelight, especially these days, when breaches are happening to so many businesses. The job turnover rate is high, with many CISOs quitting or getting fired because of security incidents or management frustration. And the supply of qualified candidates is low. According to the ISACA report, State of Cyber Security 2017, 48 percent of enterprises get fewer than 10 applicants for cybersecurity positions, and 64 percent say that fewer than half of their cybersecurity applicants are qualified. And that’s just the rank and file IT security positions, not the top jobs. So here are some things to consider when you need to find a CISO and you don’t want to hire a “chief impending sacrifice officer.”