In this episode of The Virtual CISO Moment, Greg Schaffer sits down with cybersecurity architect Dr. Natalia Semenova for a deep dive into the evolving world of AI risk and security architecture

With a Ph.D. in applied mathematics and experience spanning Google, Microsoft, Mercedes-Benz, and Deloitte, Natalia shares how her mathematical mindset shapes her approach to threat modeling, agentic AI, and governance frameworks. The conversation explores:

• Why AI threat modeling is fundamentally about subjects and objects
• What ISO 42001 gets right about AI governance
• How AI risk differs from traditional IT risk
• Why smaller businesses shouldn’t ignore AI governance
• The real role (and limits) of the virtual CISO
• Whether generative AI is eliminating security jobs—or creating new ones

Natalia also offers a powerful perspective on auditing: if you’re being audited, you should understand the auditor’s playbook.

If you’re navigating AI adoption, compliance, or evolving your vCISO practice, this episode delivers practical insights grounded in global experience.