We are witnessing the large-scale industrialization of the data center, owned and operated by the ICT operators who specialize in that task, with security technologies in the hands of the end user to remove any need to trust their human operators.
The traditional “protect the perimeter” model of enterprise data security, one where layers of security are added around enterprise data, access to which is limited to trusted insiders, clearly has challenges in a cloud model when outsiders (the folks running the cloud) have access to all your data and can monitor everything that you do in their environment.
The solution is not, as some would tell you in the security profession, better certification of cloud providers and external vetting of the human operators. Certification has a role but the ultimate answer will be the invention of technologies that completely remove the need for trusting the human operators.