"Not a day goes by where there isn't an article on this company or that government has had data leaked, stolen, or otherwise compromised."
True, but not all of them are cloud-related. Data has been being leaked / stolen / left behind on the train etc etc since forever. It's happened from 'closed' corporate systems, air-gapped systems where some muppet gets data on a CD / USB, unsecured / unencrypted laptops etc et etc.
The problem isn't 'cloud' per se, it's implementation by muppets at the behest of halfwits, which in turn is a symptom of beancounters refusing to provide the necessary budgets for staff, equipment and training and clueless business users imposing artificially and absurdly short deadlines.
There certainly can be a business justification for 'cloud' (which essentially is just a fancy name for outsourcing your data centre to a third party), but the business case has to include the contingencies for the cloud being inaccessible, just like an 'in-house' plan business continuity by having multiple data centres, mirrored server instances etc etc