The panel, entitled Is the Cloud Secure Enough for Business?, was held at AusCERT on the Gold Coast, Australia. Participants included IBRS analyst James Turner, NetWitness chief security officer Eddie Schwartz, Longhaus board member Sam Higgins and IT expert columnist Stilgherrian.
Stilgherrian told the panel's audience that the cloud computing security conversation should focus on what security firms are currently capable of doing, rather than an ideal security setup that may not be achievable.
Kaspersky concurred, noting that there is no such thing as a completely secure solution. "I will believe in aliens, but not security," he said, according to ZDNet.
According to Stilgherrian, there is consensus among information security experts regarding the centrality of contracts for keeping vendors accountable. Other panelists added that, when adopting cloud computing solutions, companies should be sure to check their vendors' claims rather than accepting their marketing on faith.
"When you talk about cloud in terms of what buyers need to understand, you do need to know how it's architected," Higgins told the other panel members. "You do need to know what the identity management strategy is. I don't think we should ever let anyone say, 'oh, it's cloud so we can just sort of let all of that go,'" he added.
According to Higgins, as the cloud computing field grows, some cloud vendors will develop trusted brands that are associated with impeccable security. Like the "Intel Inside" label created by chipmaker Intel, these cloud vendors will rely on the trust of customers who, although they do not understand the workings of cloud solutions, know they can rely on their providers.
As trust in the cloud grows, changing IT deployment practices are likely to affect IT spending for many companies. According to a recent Business Monitor International report, IT spending on products and services in the United States is expected to reach a total of approximately $671 billion by 2015.