About Burning Tree
At Burning Tree, we are uncompromising when it comes to doing what’s right for our clients. Our advice is always honest, pragmatic, and grounded in real-world experience — helping you make confident, informed decisions about your cybersecurity and digital resilience.
For over a decade, we’ve helped organisations build lasting security capability — assessing, benchmarking, and transforming how they manage risk and deliver business value through security. Our approach, built around the CMMI Cyber Maturity Model, enables organisations to clearly understand where they are today and define the practical steps to strengthen their capability for tomorrow.
Our team is made up of senior cybersecurity leaders and advisors — people who have held board-level and C-suite roles across industries such as finance, energy, education, and government. We’ve faced the same challenges our clients face: balancing risk, regulation, and innovation in complex global environments.
We work collaboratively, often alongside technology and service partners, but always remain independent and objective in our recommendations. Sometimes the answer lies in technology; often, it’s in process, governance, or culture. Either way, we focus on building capability, not dependency — ensuring your people, processes, and partners are aligned and empowered to keep your organisation secure.
This is the essence of Burning Tree: experienced people, trusted insight, and a clear path to cyber maturity.
As founder of Global Security Solutions (SA) and Burning Tree (UK), David has advised leading global enterprises — including HSBC, Shell, Pearson, and the Government of Jersey — on identity and access management (IAM), cyber strategy, and digital trust.
Throughout his career, David has combined deep technical understanding with strategic vision, serving as a board-level advisor and helping build Gartner’s security consulting practice across EMEA. His approach focuses on aligning cybersecurity maturity with business performance, ensuring measurable value and resilience.
Under David’s leadership, Burning Tree is evolving to meet the challenges of a new security era — expanding its associate network and service offerings to address the growing demand for quantum-resilient cryptography, AI governance, and CMMI-based cybersecurity benchmarking.
David is passionate about developing trusted partnerships, mentoring the next generation of security leaders, and helping organisations turn complex risk challenges into opportunities for growth and innovation.
What makes us different?
At Burning Tree, experience isn’t a slogan — it’s the foundation of everything we do. Every one of our consultants has operated at senior or board level, advising major organisations through complex cybersecurity, identity, and digital transformation challenges. When you work with us, you engage directly with these experts from start to finish — no handoffs, no junior teams, no dilution of insight.
Unlike larger firms, we are independent, agile, and pragmatic. We’re not here to sell software or push a particular solution. Instead, we take a holistic view of your security capability — assessing your people, processes, and technology to design the right interventions for your organisation at the right time.
Because we focus on outcomes, not billable hours, our clients benefit from clear, actionable advice, faster results, and better value. It’s why leading organisations trust Burning Tree when they want practical guidance that delivers measurable improvement, not just more complexity.
Security spanning a range of sectors
Over the years, we have worked with more than a hundred different clients at some of the largest global organisations and market-leading companies throughout the world. Our clients span across a range of sectors, including:
We are proud to say that we get a lot of repeat business. Even when contacts move from company to company, they often take us with them. And in the constantly evolving world of cyber security, these long-lasting relationships are crucial.
