Security for IT has always been based on keeping people out of the data centre.
However, with cloud computing becoming more prominent, this pattern needs to change.
"The security model traditionally has been one of outside in, [with] a strong perimeter and different layers behind that, always focusing on the intruder coming in," he said.
"With cloud we have to change the way we think. It is inside out security about security systems, access rights, data and the whole chain as at that point the data can exist anywhere."
Trevor Dearing, head of enterprise marketing for Juniper Networks, agreed that the model needed to change, comparing the current one to a castle and the future to a hotel.
"The model is changing. Before we had a castle and built a moat around the data centre... but in the world of virtualisation everything moves around," he added.
"Security policy was traditionally built around the idea of being behind a firewall. The challenge with cloud is it can change from minute to minute, second to second... and the model is something more like a hotel where security acts as a service."
Security experts have the attitude that if you are not sure something is secure then just don't do it, which just cannot continue with cloud computing, according to John Colley, managing director of ISC2 in Europe.
"The business case for cloud computing is very compelling and it will happen with or without information security's blessing," he said.
"The role for them to do is work out how to do it securely [and] look at how things can be done instead of why things cant be done."
Ferguson controversially concluded the debate saying: "The reason I think cloud is absolutely a viable model [is that] it has already been adopted by criminals and they are the leading edge adopters."
"They see the power, scalability, availability and in their case for them anonymity of this technology and want to use it."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.
Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.