About Burning Tree

At Burning Tree, we are uncompromising when it comes to doing what’s right for our clients. Our advice is always honest, pragmatic, and grounded in real-world experience — helping you make confident, informed decisions about your cybersecurity and digital resilience.

For over a decade, we’ve helped organisations build lasting security capability — assessing, benchmarking, and transforming how they manage risk and deliver business value through security. Our approach, built around the CMMI Cyber Maturity Model, enables organisations to clearly understand where they are today and define the practical steps to strengthen their capability for tomorrow.

Our team is made up of senior cybersecurity leaders and advisors — people who have held board-level and C-suite roles across industries such as finance, energy, education, and government. We’ve faced the same challenges our clients face: balancing risk, regulation, and innovation in complex global environments.

We work collaboratively, often alongside technology and service partners, but always remain independent and objective in our recommendations. Sometimes the answer lies in technology; often, it’s in process, governance, or culture. Either way, we focus on building capability, not dependency — ensuring your people, processes, and partners are aligned and empowered to keep your organisation secure.

This is the essence of Burning Tree: experienced people, trusted insight, and a clear path to cyber maturity.

data security company
information security services
David Lello
David LelloChief Executive Officer
David Lello is an internationally recognised cybersecurity executive with over 30 years of experience helping organisations navigate the intersection of technology, risk, and transformation.
As founder of Global Security Solutions (SA) and Burning Tree (UK), David has advised leading global enterprises — including HSBC, Shell, Pearson, and the Government of Jersey — on identity and access management (IAM), cyber strategy, and digital trust.
Throughout his career, David has combined deep technical understanding with strategic vision, serving as a board-level advisor and helping build Gartner’s security consulting practice across EMEA. His approach focuses on aligning cybersecurity maturity with business performance, ensuring measurable value and resilience.
Under David’s leadership, Burning Tree is evolving to meet the challenges of a new security era — expanding its associate network and service offerings to address the growing demand for quantum-resilient cryptography, AI governance, and CMMI-based cybersecurity benchmarking.
David is passionate about developing trusted partnerships, mentoring the next generation of security leaders, and helping organisations turn complex risk challenges into opportunities for growth and innovation.

What makes us different?

At Burning Tree, experience isn’t a slogan — it’s the foundation of everything we do. Every one of our consultants has operated at senior or board level, advising major organisations through complex cybersecurity, identity, and digital transformation challenges. When you work with us, you engage directly with these experts from start to finish — no handoffs, no junior teams, no dilution of insight.

Unlike larger firms, we are independent, agile, and pragmatic. We’re not here to sell software or push a particular solution. Instead, we take a holistic view of your security capability — assessing your people, processes, and technology to design the right interventions for your organisation at the right time.

Because we focus on outcomes, not billable hours, our clients benefit from clear, actionable advice, faster results, and better value. It’s why leading organisations trust Burning Tree when they want practical guidance that delivers measurable improvement, not just more complexity.

Security spanning a range of sectors

Over the years, we have worked with more than a hundred different clients at some of the largest global organisations and market-leading companies throughout the world. Our clients span across a range of sectors, including:

information security consultants london
Financial Services
data security company
Energy and Utilities
cyber security solutions
Telecommunications and Media
managed cyber security
Education, Publishing and Research
cybersecurity assessment
Retail and Manufacturing
cyber security services
Public Sector
cyber security services company
Major Business Software Vendors
cyber security threats
Security Technology Vendors
identity and access management
Incubation and Innovation Partners

We are proud to say that we get a lot of repeat business. Even when contacts move from company to company, they often take us with them. And in the constantly evolving world of cyber security, these long-lasting relationships are crucial.

Our Services

cyber security help

Consulting

Our high-level Consultancy Services provide organisations with a strategic approach to information security. We help you keep your information and digital assets safe.

cyber security management

Technology

We work with a wide range of leading technology and software partners – allowing us to make suitable and objective recommendations based on your particular security needs.

cyber security experts near me

Risk Assessment

Our online triage tool, ASURE, automates the security assurance process and provides a 360° view of evolving security threats and the risks associated with change.