How Templafy’s CISO Builds Trustworthy AI for Enterprise Documents

Today we're meeting Ellen, CISO at Templafy.

She specialises in information security and risk management within SaaS and enterprise environments, leading security, IT and privacy to enable growth in rapidly evolving technical landscapes.

Over to you Ellen - my questions are in bold:

Who are you, and what's your background?

I'm Ellen Benaim, CISO at Templafy. I have a background in information security and risk management within SaaS and enterprise environments. As CISO, my mission is to scale security as a foundational enabler of growth, helping Templafy thrive in a rapidly evolving technical landscape.

What is your job title, and what are your general responsibilities?

I lead Information Security, IT and Privacy at Templafy - owning the integrity of our systems, the safety of our data and the trust that underpins our product.

Can you give us an overview of how you're using AI today?

We use and build AI to simplify document creation, ensuring accuracy, compliance and brand alignment – among many other really cool things. Our tools integrate with platforms like Microsoft Office, streamline workflows and are built with data security at the core.

Tell us about your investment in AI? What's your approach?

We prioritise a thoughtful, security-first approach to AI and we've got dedicated teams working on features we've developed internally. We frequently work closely with companies like Microsoft to further extend our platform in an effort to ensure we're meeting all privacy and security standards before we roll anything out.

What prompted you to explore AI solutions? What specific problems were you trying to solve?

There was too much wrong with the way document workflows were put together. We wanted to reduce the time it took to generate documents and the errors they were prone to. For Templafy and its users, AI helps automate document generation, suggests improvements and ensures documents meet compliance and branding standards, while giving efficiency a much-needed boost.

Who are the primary users of your AI systems, and what's your measurement of success? Have you encountered any unexpected use cases or benefits?

We've got users in lots of industries, and they all rely on us for the same thing – compliant document generation. This is why our success metrics are fairly simple – efficiency gains and error reductions are what matter to us. Aside from the benefits I've mentioned here, we've heard frequently that Templafy's technology helps onboard new employees faster by guiding and streamlining document standards. We're pretty happy with that!

What has been your biggest learning or pivot moment in your AI journey?

It didn't take long for us to learn that trust and transparency are critical. Even with the most powerful, effective AI features, above all users want to know how those tools work and how their data is protected. These are all things that have shaped how we communicate and design features.

What skills or capabilities are you currently building in your team to prepare for the next phase of AI development?

The main focus is upskilling in security around AI. Our goal with this is to ensure our team is fully prepared to manage, develop and secure next-gen AI-driven capabilities.

How do you address ethical considerations and responsible AI use in your organisation?

At Templafy, we approach responsible AI as both a security and ethical imperative. Our cross-functional teams, including legal, privacy, security and product, collaborate to ensure that AI deployments align with our values and with regulatory expectations. And from a security perspective, we treat the AI models and integrations around them as critical assets, embedding into our ISO27001 controls such as version control, access governance and monitoring - to ensure integrity and traceability.

If you had a magic wand, what one thing would you change about current AI technology, regulation or adoption patterns?

The biggest barrier to unlocking AI's potential isn't access, it's capability and capacity. Most people don't need convincing that AI is powerful. What they need is time, space and support to actually engage with it.

If I could change one thing, I'd embed structured time into people's roles - across departments, not just technical teams - to play, explore and test AI tools in their real workflows. Not in theory. But as live, supported experimentation. And more importantly, this kind of literacy also builds security and risk awareness. People are less likely to misuse AI when they've been empowered to use it well.

What is your advice for other senior leaders evaluating their approach to using and implementing AI? What's one thing you wish you had known before starting your AI journey?

Always start with a clear use case. AI is there to solve existing, real problems – throwing AI into the mix for no real reason only introduces new problems. Further, cross-functional collaboration is key. AI won't work if it's only touching one unit of your business and only some of your teams. Get everyone involved and build trust. As for what I wish I'd known earlier, easy – I wish I'd known how vital user education would be from the onset. We live and learn!

What AI tools or platforms do you personally use beyond your professional use cases?

ChatGPT (GPT-4o) is my daily companion for everything from journaling complex ideas to planning travel. I often use custom GPTs tailored for adversarial thinking or even writing prompts that force me to reframe a problem from another perspective. Of course, I use Templafy's tools when I'm working, which shouldn't come as a surprise!

What's the most impressive new AI product or service you've seen recently?

AI SOC Analyst platforms stand out, lightweight agents that support always overstretched security teams by automating triage, enrichment and alert prioritization. They free up human analysts to focus on complex investigation and strategic thinking, while the AI handles the noise. These tools are only going to get better.

Finally, let's talk predictions. What trends do you think are going to define the next 12-18 months in the AI technology sector, particularly for your industry?

We are seeing a flood in the market with AI tools – some poorly scoped, unaudited, insecure agents wired into business-critical workflows. And it might take just one catastrophic breach - a data leak, a compromised agent or a poisoned model output triggering real-world consequences - to snap the industry awake. One major incident targeting a high-value AI model, and security spending in this space will double virtually overnight. In the meantime, the most forward-thinking enterprises will prioritise partnerships with trustworthy AI vendors to proactively mitigate these risks.

Thank you Ellen. Connect with Ellen on LinkedIn and read more about Templafy at their website.