The unfolding details about the devastating hacker attack at Sony is just one example of the increasing challenges companies face. Chief Information Security Officers tell IBM that they are “outgunned in the cyber war.”

In a new survey of CISOs, more than 80 percent say that outside threats are increasing.

The Sony story is shaping up as “one of the largest digital breaches ever against an American company,” according to the Associated Press.

“The Sony materials include studio financial records, employment files and what already has been revealed as salacious gossip by Hollywood executives about President Barack Obama and some of the industry’s big stars and upcoming films.”

How bad is this continuing battle between companies and hackers?

In all, 60 percent of CISOs concede that they are outgunned.

And as more companies continue to embrace “cloud computing,” CISOs tell IBM (NYSE: IBM) that the cloud as well as big data are priorities for improved protection.

So, too, is mobile data.

So what are companies doing to counteract the growing threats?

Many are bumping up the importance of security, CISOs tell IBM in 138 interviews. In fact, they see security as being more important than new technology, regulation and internal threats combined. 

While new security technology is being deployed, nearly half of the CISOs surveyed say deploying new defenses is the top focus.

Top points of emphasis for what IBM calls “in need of dramatic transformation” are:

  • Data “leakage” prevention
  • Cloud security
  • Mobile/device security

Other findings in the survey:

  • Cloud Security Continues to Lead the Agenda

“While concern over cloud security remains strong, close to 90 percent of respondents have adopted cloud or are currently planning cloud initiatives. Of this group, 75 percent expect their cloud security budget to increase or increase dramatically over the next three to five years.”

  • Data Driven Security Intelligence Capabilities are Top of Mind

“Over 70 percent of security leaders said real-time security intelligence is increasingly important to their organization. Despite this strong agreement, the study found areas such as data classification and discovery and security intelligence analytics have relatively low maturity (54 percent) and require a higher need for improvement or transformation.”

  • Significant Mobile Security Needs Still Remain

“Despite the growing mobile workforce, only 45 percent of security leaders stated they have an effective mobile device management approach. In fact, according to the study, mobile and device security ranked at the bottom of the maturity list (51 percent).”

  • Managing Uncertainty around Government Landscape

“CISOs face additional challenges from governments as nearly 80 percent of respondents said the potential risk from regulations and standards have increased over the past three years. Security leaders are most uncertain about whether governments will handle security governance on a national or global level as well as how transparent they will be in doing so. Only 22 percent think that a global approach to combating cybercrime will be agreed upon in the next three to five years.”

  • Empowering Today’s Security Leaders

“With cyber attacks and government regulations continuing to evolve, a majority of organizations have redefined their view of security over the past three years, vaulting security leaders into more influential roles. According to the study, 90 percent of security leaders strongly agree that they have significant influence in their organization, with 76 percent stating that their degree of influence has significantly increased in the last three years. In addition, 71 percent strongly agree that they are receiving the organizational support that they need in order to do their jobs effectively.”