KBKAST Episode 359 Deep Dive: Omar Khawaja | Data Intelligence for Cybersecurity

Podcast: KBKAST Host: KBI.Media (Carissa, "C") Guest: Omar Khawaja ("A"), Vice President of Security and Field CISO, Databricks Release Date: March 18, 2026

Episode Overview

In this strategic session, host Carissa invites Omar Khawaja to discuss the evolving role of data and AI in cybersecurity. Eschewing technical minutiae, the conversation explores the strategic impact of data intelligence, the realities of AI adoption, organizational fatigue, tool consolidation, the rise of agentic AI, and the cultural shifts required to successfully leverage these technologies. The episode is a candid, practical analysis of how organizations can drive meaningful outcomes—with a focus on data strategy, security governance, and adapting to rapid change.

Key Discussion Points & Insights

1. AI Fatigue and the "Right Tool for the Job"

AI ≠ Magic Solution: Omar cautions against the blanket application of AI, suggesting a more nuanced approach—using data intelligence as the real foundation. AI is only one part of a larger toolkit.
- Quote: "Our point of view is not that AI is going to solve...but we think data plus AI is likely the best defense." – Omar [01:47]
Problem Fit Test: AI should be used for problems with high ambiguity, reasoning, and unstructured data—not simply as a reflex solution.
Traditional Analytics: In many cases, classic analytics and BI still provide better value for less complexity.
- Quote: "You're much better off using more traditional analytic techniques...in order to mine your data to extract value." – Omar [02:36]

2. Fatigue in the CISO Community and the VUCA Environment

Constant AI Hype: CISOs are overwhelmed by continuous AI use case requests and vendor promises.
Introducing VUCA: The world and cyber landscape are increasingly Volatile, Uncertain, Complex, and Ambiguous.
- Quote: "When AI came in and introduced even more VUCA...cyber teams are particularly impacted." – Omar [04:20]
Skill Gaps and Organizational Overwhelm: Most security teams lack data/AI talent and the capacity to upskill at required speed.
Fatigue Sources: Not getting tangible outcomes after investing effort breeds exhaustion and skepticism towards new tech.

3. Industry-Wide AI Adoption and Realism

The "Outcome Gap": Most non-tech-native organizations have not realized as much value from AI as anticipated.
- Quote: "The majority feel like they did not make as much progress with their AI initiatives..." – Omar [08:12]
Amara’s Law: In the short term, AI progress is overestimated; in the long term, impact is underestimated.
- Quote: "In the short term, we overestimate how much we can do, and over the long term, we underestimate what we can do." – Omar [08:28]
Reflective Practice: Leading organizations are re-examining operating models, not just blaming tech or vendors.

4. The Strategic Value (and Risk) of Holding Data

From Data Hoarding to Data Governance: There's tension between the competitive value of data and the liability it creates in breaches.
- Quote: "If retaining the data ends up increasing our data breach risk ... then to be able to get value from their data takes quite a bit of checking the boxes..." – Omar [13:10, 04:30]
Industry Leaders’ Approach: Mature organizations focus on securing and governing data to extract AI value, rather than purging data out of fear.
Consolidating Data Landscapes: The move is towards unification, less fragmentation, and more actionable intelligence (using platforms like Databricks).

5. Data Intelligence vs. Traditional Security Tools

Tool Fatigue & Overlap: The security stack is bloated with overlapping tools; value now comes from simplification and integration.
- Quote: "To get more value from the security program, they actually need fewer tools." – Omar [21:25]
Complexity at Scale: The challenge is not what to do (patch, log, detect), but doing it comprehensively across massive, complex estates.
- Quote: "Fixing vulnerabilities in a thousand systems is kind of hard. But what do you do if you have a million systems?" – Omar [17:10]

6. The Security Platform Era and Industry Consolidation

From Point Solutions to Platforms: The cycle is swinging back to platformization, with organizations seeking fewer, more capable core vendors.
- Quote: "History repeats itself ... are we going back to the IBM sort of days?" – Carissa [24:00]
Outsourcing Non-Differentiators: Internal teams should focus on unique value; standardized capabilities are increasingly sourced from scalable vendors.
Market Dynamics: Expect continued acquisitions and growth of core platforms, but also a persistent crop of innovative startups.
- Quote: "Most of these startups...get acquired...or go out of business. So ultimately, more and more of the security capabilities have been shifting to larger platforms." – Omar [27:30]
- Quote: "The big players will likely get bigger, but...a very healthy market of cyber startups...will continue to flourish." – Omar [29:28]

7. Agentic AI: Promise, Reality, and Security

Agentic AI's Added Value: The shift to agentic AI (which can perform actions and function calls) reduces hallucinations and supports better real-world integration.
- Quote: "What agents allow is for the ability to take actions and for the ability to call functions...enables this ability for the AI to gain better access to authoritative sources..." – Omar [31:07]
- Personal Analogy: Omar likens agentic AI to checking your calendar (the authoritative source) before committing to plans—improved accuracy and fewer conflicts.
Technology Challenges: Manual configuration, difficulty measuring quality, and cost/quality tradeoffs are key barriers—but new solutions (like Databricks Agent Bricks) are reducing the friction.
Governance and Talent Evolution: New frameworks are required because few have deep experience in AI/agentic tech—security and risk teams must adapt.

8. The New Talent Landscape: Unlearning and Leveling the Playing Field

Novices and Veterans Alike: Everyone, regardless of tenure, is confronted with learning and unlearning. There are no 30-year veterans of agentic AI.
- Quote: "The current talent in organizations doesn't know how to discern [AI risk]...AI in agentic is new for pretty much everyone." – Omar [36:33]
Challenge of Assumptions: Veteran professionals may be disadvantaged if unwilling to question or unlearn old mental models.
- Quote: "People like me...with decades of experience, we are disadvantaged...my assumptions of how things work are not related to AI, but I project them on AI..." – Omar [41:11]
Overcoming Fear and Building Trust: Security teams must move from "No, or maybe later" to structured risk-based assessments using open frameworks.

9. Predictions and Forward-Looking Perspective

2026 Outlook: Expect more organizations to embrace learning and change, moving away from simply copying past practices to genuinely adapting to AI and data-driven models.
- Quote: "The hubris is going to start to go down and more of the growth mindset is going to start to emerge." – Omar [45:05]

Notable Quotes & Memorable Moments

"Fatigue is real, especially from parts of organizations...the average CISO org is overwhelmed. They were overwhelmed before AI became a big thing." – Omar Khawaja [03:54]
"Amara's Law basically says, in the short term, we overestimate how much we can do, and over the long term, we underestimate what we can do." – Omar Khawaja [08:28]
"Many organizations are now in that season of their program where...to get more value from the security program, they actually need fewer tools." – Omar Khawaja [21:25]
"The primordial response to something novel is fear. And when we have fear, there's really one of three reactions: fight, flee, or freeze." – Omar Khawaja [42:28]
"The business teams are losing trust in the security orgs because...with AI, they're still playing catch up." – Omar Khawaja [44:11]

Timestamps for Key Segments

| Timestamp | Segment/Topic | |-------------|-------------------------------------------------------------------| | 01:47 | AI as defense: nuance around "AI is the best solution" | | 03:54 | Real-world AI fatigue; the barrage facing CISOs | | 08:28 | Amara's Law and short/long-term expectations | | 13:10 | Data retention vs. breach risk: strategic data management | | 16:29 | Why data is becoming a more powerful security tool | | 21:25 | Security tool bloat and the value of platformization | | 27:27 | Market dynamics: consolidation, M&A, and the future of startups | | 31:01 | Agentic AI: value, difference, and challenges | | 36:33 | Talent, discernment, unlearning and leveling up | | 44:59 | Industry predictions for 2026 and the importance of mindset shift |

Concluding Thoughts

This episode delivers a strategic, actionable analysis of the inflection point facing cybersecurity leaders: meaningful outcomes will not come from naive AI adoption or unchecked tool accumulation, but from intentional data intelligence strategies, unlearning old playbooks, and fostering a culture of adaptation, risk modeling, and governance. Omar Khawaja provides frameworks and analogies that demystify the complex, while Carissa keeps the discussion grounded in real organizational challenges.

Listen to the episode for a deep, practical, and forward-looking conversation on the future of data, AI, and cybersecurity strategy.

KBKAST Episode 359 Deep Dive: Omar Khawaja | Data Intelligence for Cybersecurity

Podcast: KBKAST Host: KBI.Media (Carissa, "C") Guest: Omar Khawaja ("A"), Vice President of Security and Field CISO, Databricks Release Date: March 18, 2026

Episode Overview

Key Discussion Points & Insights

1. AI Fatigue and the "Right Tool for the Job"

AI ≠ Magic Solution: Omar cautions against the blanket application of AI, suggesting a more nuanced approach—using data intelligence as the real foundation. AI is only one part of a larger toolkit.
- Quote: "Our point of view is not that AI is going to solve...but we think data plus AI is likely the best defense." – Omar [01:47]
Problem Fit Test: AI should be used for problems with high ambiguity, reasoning, and unstructured data—not simply as a reflex solution.
Traditional Analytics: In many cases, classic analytics and BI still provide better value for less complexity.
- Quote: "You're much better off using more traditional analytic techniques...in order to mine your data to extract value." – Omar [02:36]

2. Fatigue in the CISO Community and the VUCA Environment

Constant AI Hype: CISOs are overwhelmed by continuous AI use case requests and vendor promises.
Introducing VUCA: The world and cyber landscape are increasingly Volatile, Uncertain, Complex, and Ambiguous.
- Quote: "When AI came in and introduced even more VUCA...cyber teams are particularly impacted." – Omar [04:20]
Skill Gaps and Organizational Overwhelm: Most security teams lack data/AI talent and the capacity to upskill at required speed.
Fatigue Sources: Not getting tangible outcomes after investing effort breeds exhaustion and skepticism towards new tech.

3. Industry-Wide AI Adoption and Realism

The "Outcome Gap": Most non-tech-native organizations have not realized as much value from AI as anticipated.
- Quote: "The majority feel like they did not make as much progress with their AI initiatives..." – Omar [08:12]
Amara’s Law: In the short term, AI progress is overestimated; in the long term, impact is underestimated.
- Quote: "In the short term, we overestimate how much we can do, and over the long term, we underestimate what we can do." – Omar [08:28]
Reflective Practice: Leading organizations are re-examining operating models, not just blaming tech or vendors.

4. The Strategic Value (and Risk) of Holding Data

From Data Hoarding to Data Governance: There's tension between the competitive value of data and the liability it creates in breaches.
- Quote: "If retaining the data ends up increasing our data breach risk ... then to be able to get value from their data takes quite a bit of checking the boxes..." – Omar [13:10, 04:30]
Industry Leaders’ Approach: Mature organizations focus on securing and governing data to extract AI value, rather than purging data out of fear.
Consolidating Data Landscapes: The move is towards unification, less fragmentation, and more actionable intelligence (using platforms like Databricks).

5. Data Intelligence vs. Traditional Security Tools

Tool Fatigue & Overlap: The security stack is bloated with overlapping tools; value now comes from simplification and integration.
- Quote: "To get more value from the security program, they actually need fewer tools." – Omar [21:25]
Complexity at Scale: The challenge is not what to do (patch, log, detect), but doing it comprehensively across massive, complex estates.
- Quote: "Fixing vulnerabilities in a thousand systems is kind of hard. But what do you do if you have a million systems?" – Omar [17:10]

6. The Security Platform Era and Industry Consolidation

From Point Solutions to Platforms: The cycle is swinging back to platformization, with organizations seeking fewer, more capable core vendors.
- Quote: "History repeats itself ... are we going back to the IBM sort of days?" – Carissa [24:00]
Outsourcing Non-Differentiators: Internal teams should focus on unique value; standardized capabilities are increasingly sourced from scalable vendors.
Market Dynamics: Expect continued acquisitions and growth of core platforms, but also a persistent crop of innovative startups.
- Quote: "Most of these startups...get acquired...or go out of business. So ultimately, more and more of the security capabilities have been shifting to larger platforms." – Omar [27:30]
- Quote: "The big players will likely get bigger, but...a very healthy market of cyber startups...will continue to flourish." – Omar [29:28]

7. Agentic AI: Promise, Reality, and Security

Agentic AI's Added Value: The shift to agentic AI (which can perform actions and function calls) reduces hallucinations and supports better real-world integration.
- Quote: "What agents allow is for the ability to take actions and for the ability to call functions...enables this ability for the AI to gain better access to authoritative sources..." – Omar [31:07]
- Personal Analogy: Omar likens agentic AI to checking your calendar (the authoritative source) before committing to plans—improved accuracy and fewer conflicts.
Technology Challenges: Manual configuration, difficulty measuring quality, and cost/quality tradeoffs are key barriers—but new solutions (like Databricks Agent Bricks) are reducing the friction.
Governance and Talent Evolution: New frameworks are required because few have deep experience in AI/agentic tech—security and risk teams must adapt.

8. The New Talent Landscape: Unlearning and Leveling the Playing Field

Novices and Veterans Alike: Everyone, regardless of tenure, is confronted with learning and unlearning. There are no 30-year veterans of agentic AI.
- Quote: "The current talent in organizations doesn't know how to discern [AI risk]...AI in agentic is new for pretty much everyone." – Omar [36:33]
Challenge of Assumptions: Veteran professionals may be disadvantaged if unwilling to question or unlearn old mental models.
- Quote: "People like me...with decades of experience, we are disadvantaged...my assumptions of how things work are not related to AI, but I project them on AI..." – Omar [41:11]
Overcoming Fear and Building Trust: Security teams must move from "No, or maybe later" to structured risk-based assessments using open frameworks.

9. Predictions and Forward-Looking Perspective

2026 Outlook: Expect more organizations to embrace learning and change, moving away from simply copying past practices to genuinely adapting to AI and data-driven models.
- Quote: "The hubris is going to start to go down and more of the growth mindset is going to start to emerge." – Omar [45:05]

Notable Quotes & Memorable Moments

"Fatigue is real, especially from parts of organizations...the average CISO org is overwhelmed. They were overwhelmed before AI became a big thing." – Omar Khawaja [03:54]
"Amara's Law basically says, in the short term, we overestimate how much we can do, and over the long term, we underestimate what we can do." – Omar Khawaja [08:28]
"Many organizations are now in that season of their program where...to get more value from the security program, they actually need fewer tools." – Omar Khawaja [21:25]
"The primordial response to something novel is fear. And when we have fear, there's really one of three reactions: fight, flee, or freeze." – Omar Khawaja [42:28]
"The business teams are losing trust in the security orgs because...with AI, they're still playing catch up." – Omar Khawaja [44:11]

Timestamps for Key Segments

Concluding Thoughts

Listen to the episode for a deep, practical, and forward-looking conversation on the future of data, AI, and cybersecurity strategy.

wavePod

Episode 359 Deep Dive: Omar Khawaja | Data Intelligence for Cybersecurity

Summary

KBKAST Episode 359 Deep Dive: Omar Khawaja | Data Intelligence for Cybersecurity

Episode Overview

Key Discussion Points & Insights

1. AI Fatigue and the "Right Tool for the Job"

2. Fatigue in the CISO Community and the VUCA Environment

3. Industry-Wide AI Adoption and Realism

4. The Strategic Value (and Risk) of Holding Data

5. Data Intelligence vs. Traditional Security Tools

6. The Security Platform Era and Industry Consolidation

7. Agentic AI: Promise, Reality, and Security

8. The New Talent Landscape: Unlearning and Leveling the Playing Field

9. Predictions and Forward-Looking Perspective

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Concluding Thoughts

Summary

KBKAST Episode 359 Deep Dive: Omar Khawaja | Data Intelligence for Cybersecurity

Episode Overview

Key Discussion Points & Insights

1. AI Fatigue and the "Right Tool for the Job"

2. Fatigue in the CISO Community and the VUCA Environment

3. Industry-Wide AI Adoption and Realism

4. The Strategic Value (and Risk) of Holding Data

5. Data Intelligence vs. Traditional Security Tools

6. The Security Platform Era and Industry Consolidation

7. Agentic AI: Promise, Reality, and Security

8. The New Talent Landscape: Unlearning and Leveling the Playing Field

9. Predictions and Forward-Looking Perspective

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Concluding Thoughts