Cloud Security Really? Really???
Ok, we know the cloud is precompromised with back doors, that is a given. So ANY vague insinuation that the public cloud is more secure than a private cloud reduces the credibility of the speaker to nil. But that's the simple truth.
The other comments regarding humans being the weakest link in security is relatively true, the challenge is how to convince people to take it seriously. I see the issue as being a case of stakeholder ownership. If the investor is the only valued stakeholder in the enterprise and the senior positions are the only ones being compensated (read over paid) for the efforts of the entire staff supporting the profits, then the "it's just a job" mentality rules. If the employees feel no vested interest to put the extra effort in protecting the company they work for then they simply won't do it. Nothing anyone can say will change that. Look at all the BYOD and rogue AP issues that still plague the ecosystem. The same lack of investment recognition is what disconnects the employee from the business allowing them to see the company as "other than me."
So why are the pundits pushing the public cloud agenda? Uh, simple money and monitoring... and neither of them benefit you the business consumer. Government and marketing firms get to monitor you and behaviours, and you have the privlege of paying them to do it.
Remember It Was NOT Always This Way. This is new and the pundits are just gas-lamping you into thinking this is an acceptable new norm. I submit it is not acceptable and truly is dangerous to business, profits, and privacy.
So here is the real conversation as I see it:
If we are to "Own Our Data" and control our personal experience in life, how do we correct the course we are being steered onto? Or is the Idiocracy world (see the movie) the actual desired environment we wish to live in? Is the apathy incurable? It has already been proven the short term quarterly profit goal model is unsustainable whereas the historical long term business model that values all 4 components of business (investor, management, employee and customer) is successful.
This is a disease that must be treated holistically; validate/compensate employees to build vested interest in success thus motivating them to take security seriously, ignore pundits like that idiot who is simply pushing someone elses product/service that you really don't need and (not can) will put your business at risk, and most importantly Own Your Data like the actual gold that it is. Precompromised security is simply that... Compromised.