Being in the Cloud is not the issue, not for Backups neither for Applications running fully on S3 or something like that. The problem is rather that secure configuration of such solutions might end up not being that well designed.
Recently I read from a swiss tax income app which was running on S3, that's no problem. The problem was that the bucket storing scanned Documents was publicly readable from anyone who knew which bucket it was.
Still no argument against the Cloud there, just that your strategies should be adopted where possible. Secure your Cold Storage and if possible use encrypted Backups - just in case...