The majority of CIOs plan to foster a cloud-first strategy for enterprise applications next year, according to a new survey from Bitglass. The "cloud access security broker" conducted its survey of 92 CIOs and IT leaders at the Gartner Symposium IT Expo last month, and it released the findings today.\nHalf of the respondents reported cost savings in 2015 as a result of using SaaS applications, such as Microsoft's Office 365 and Google for Work, but they also continue to face security challenges. In 2016, 87 percent of IT leaders expect to increase security spending, and 77 percent plan to bump up cloud security expenditures for mobile and cloud-based services, according to the survey.\n[Related News: U.S. CIO tells IT leaders to trust the cloud]\nRoughly one in three (34 percent) IT leaders anticipates an increase of more than 20 percent in cloud security spending next year. The biggest cloud security challenges of 2016 will be controlling downloads (36 percent), evaluating cloud provider security (24 percent), external sharing (21 percent) and shadow IT (14 percent), according to the survey.\u00a0\n"CIOs now realize that shadow IT is not an employee attempt at mutiny, but a response to the poor choice of tools provided by IT," says Rich Campagna, vice president of products and marketing at Bitglass. "As the cloud-first mindset has become more commonplace, security concerns have shifted to topics like access from unmanaged devices and external sharing \u2014 common gaps in cloud applications."\nThe covert and unauthorized use of applications is less frequent, as more IT leaders embrace public cloud strategies, according to the findings. "The stated strategy for the majority of enterprises is to default to cloud," Campagna says.