Organisations are realizing a transformation from being "system-centric" to "information centric" – with a greater focus on the importance of data that will be increasingly distributed to a wide range of endpoints and devices. Moving to an information-centric world requires determining what data assets will be critical in the future, and how to protect them properly. It also requires very different priorities and skills than just managing the physical infrastructure in a system-centric manner.
In the context of Information Security and Risk Management, Cloud Computing has introduced another factor into your information-centric IT.
Along with my recommendation to attend the Information Security and Risk Management sessions @ Vision 2011 in Barcelona, I would like to recommend the following research from IT Policy Compliance Group:
The findings in "Managing the Benefits and Risks of Cloud Computing" reveal two very different outcome and utilization profiles for Cloud computing among organizations. The research uncovers the differences in benefits and risks that are being experienced by organization of very different sizes and outcomes, and what the best performers are doing very differently to manage more business value and less risk from the uses of Cloud computing.
Just download the report and read it on your way to Barcelona.