Author of the month: Lee Newcombe

Now more than ever, organisations are appreciating the benefits – and challenges – of Cloud computing.

The technology has revolutionised the way we work, and it’s been instrumental to the success of remote working during the COVID-19 crisis. But creating a secure and efficient Cloud environment is no easy task.

No one knows this more than Lee Newcombe, author of Securing Cloud Services – A pragmatic guide.

IT Governance Publishing recently published a second edition of this guide, which covers the latest developments in Cloud technology and security issues that organisations must overcome.

If you purchase this book from the IT Governance Publishing website by the end of July, use the offer code “Newcombe15” at the checkout to receive a 15% discount.

Who is Lee Newcombe?

Lee Newcombe has built a 20-year career in the security industry, starting in penetration testing and incident response, before going on to work in security design, architecture and implementation at a major retail bank, two of the Big Four consultancies and a global systems integrator.

Outside of his consultancy work, Newcombe has played an active role in the UK Cloud security community, presenting at several industry events and participating with the UK Chapter of the Cloud Security Alliance, of which he was the acting chair for two years.

He holds a variety of security certifications including CISSP, CCP, CCSK and is a full member of the Chartered Institute of Information Security (formerly the IISP).

Securing Cloud Services

Newcombe decided to write Securing Cloud Services after becoming frustrated with the lack of pragmatic guidance from those who had “been there, done that”.

He found that too much guidance was theoretical and not produced by practitioners – hence the subtitle to the book: “A pragmatic approach”.

The aim of his book was therefore not to tell the readers what to do or mandate the “one true way” of securing Cloud services. Rather, he aimed to arm the reader with enough background knowledge of the topic to guide them in delivering risk-managed outcomes whatever context they find themselves.

This philosophy has been carried forward into the second edition, which provides essential updates to account for the development of Cloud services in recent years.

Newcombe’s guide is aimed at business and IT decision-makers, as well as security practitioners looking for guidance on the secure usage of Cloud services. Readers will learn:

The context of Cloud services

The opening section explains the terminology of Cloud services, and provides insights into the major security issues, including SaaS (software as a service), PaaS (platform as a service), IaaS (infrastructure as a service) and FaaS (function as a service).

How to deliver security services

Part two introduces security architecture concepts and a conceptual Security Reference Model.

This model is then applied to the different Cloud service models to show how the conceptual security services within the reference model can be delivered for each Cloud service model.

The future of Cloud services

Part three attempts to forecast what might happen as the Cloud security environment evolves over the next few years.


Securing Cloud Services – A pragmatic approach is available in physical, e-book, ePub and Kindle formats. You can find out which format is right for you with our handy guide.

Receive 15% off Lee Newcombe’s book throughout July by ordering from the IT Governance Publishing website and entering the voucher code “Newcombe15” at the checkout.


What’s next?

Newcombe continues to provide organisations with consultancy support, and is currently delving into corporate digital ethics.

This is a field that looks at technology not just in terms of its legal requirements and practical uses but also the ways in which it can be used to deliver positive outcomes for wider society.

Technologies such as artificial intelligence, big data and biometrics can all be viewed as “dual use” and one of the challenges that Newcombe is dealing with is how organisations can use these tools responsibly.

Outside of Cloud, I have an increasing interest in corporate digital ethics and trying to guide the use of technology to deliver positive outcomes for wider society.

Technologies such as artificial intelligence, big data and biometrics can all be viewed as “dual use” and one of the challenges I am currently working on relates to a framework to guide decision makers down the path of the Light side rather than the Dark. There may even be a book in it…

Want to know more? Follow Lee Newcombe on LinkedIn and Twitter.