Yes, I am in favour of using secure public cloud. That would mean large data storage, but the ability, then, to detect attack correctly when it's happening and protect the data better.
In terms of protecting that data, there are lots of mechanisms that can be used. For example, there are good products for cloud that enable you, at the field level, to encrypt data whenever you need to. If you have an insider threat and there's a breach, the data that's stolen is encrypted data. It's protected because it was protected properly as you stored it.
What we don't do a lot sometimes is organize our security design correctly, so when we're breached, we're not protected properly. We don't detect it fast enough and we don't know how to respond. To your point, if we organize ourselves and there is an insider threat, the data can be protected and we can more quickly detect and respond to the event, too.
One example I'm sure everyone is aware of is Snowden. He actually had a lot of access, and then was able to give himself more access. That's not exactly the paradigm you want to have in an environment. There are better ways of doing that.