Over 90 per cent of CISOs expect to be hit by cyber attack in 2016

Yet three-quarters of CISOs admit their security isn't up to scratch to deal with threat

Over 90 per cent of chief information security officers (CISOs) at FTSE 100 and FTSE 500 companies expect they will be targeted by some form of cyber attack in 2016.

This was a key, and rather worrying, finding from a survey by consultancy firm CEB of 160 FTSE-level organisations entitled IT Budget Benchmark 2016.

Furthermore, despite so many CISOs being aware of this threat, almost three-quarters said they didn't think they had adequate security in place to deal with the danger.

And many are throwing money at the problem in response, with CEB finding that security spend will account for 6.2 per cent of all IT budget spend this year.

Additionally, many firms are looking to big data to help by being better able to spot threats before it's too late. However, CEB advised that "cyber hygiene" is a better approach to tackling this threat, by educating staff to the types of cyber risks the organisation faces and making it clear good security is everyone's responsibility.

Another area of increased spending is the cloud, where 92 per cent of firms expect to spend over five per cent of their IT budget on cloud services. This is a notable increase on the 62 per cent that spent over five per cent of their budget on cloud in 2011.

It is worth pointing out that while five per cent may seem a small amount of an entire budget, as these are leading FTSE 100 and FTSE 250 organisations, the amount in total is likely to be significant.

Furthermore, the type of cloud spend is evolving, with infrastructure-as-a-service (IaaS) offerings now in use at 63 per cent of respondents' organisations, compared to 46 per cent in 2014.

Andrew Horne, IT practice leader at CEB, said that the results show that while many areas of old-style IT are now being dealt with by other lines of business, IT teams still sit at the heart of most tech requirements, and are spending more as a result.

"Many areas which used to be owned by the CIO - such as analytics or CRM systems - are now owned by individual teams with their own tools," he said.

"However, specific aspects like the cloud or cyber security still sit within the IT remit. While the CIO is becoming less of a lone wolf, IT still plays a central role in the more specialised areas of the job."

Computing's sister site V3 will host a Cloud & Infrastructure Live online event on 20-21 April discussing numerous aspects of moving to the cloud and the benefits it brings. Register now to hear more about issues concerning data centres and the cloud.