Security companies must convince businesses that the cloud is safe and trustworthy.
This was the view of Hugh Njemanze, chief technology officer and co-founder of ArcSight, who spoke to IT PRO at InfoSecurity 2010.
"In terms of the absolute risk (cloud computing) is probably no more risky than what people are doing today," he said.
"[However] in terms of conceptual risk it is much more scary. Traditionally you own your own data centre and at least have the illusion it is under your control. With cloud you don't see the data centre, don't know if you can trust it and have to worry about it."
He believed that is was not only down to the cloud services providers to make users feel the cloud is safe, but the majority of the responsibility falls on companies like his own.
"There is a PR job for those providing cloud services but the other part is you can provide tools to let people look after their own security independent of what the cloud is doing," added Njemanze.
"It is a 60/40 split with more weight on those [providing] the customer's ability to defend themselves."
He concluded that while the likes of Salesforce.com refuse to shout from the rooftops what security vendors they are using within their environments, security vendors will have to do the job themselves.
Read on for more news from InfoSec 2010.
