The cybersecurity industry spent the last two years promising artificial intelligence would ‘revolutionise’ everything. Now, many enterprise security leaders are exhausted.
That’s according to Omar Khawaja, CISO at Databricks, who says many businesses entered the AI race expecting ‘instant’ outcomes, only to discover the real hard work had barely begun.
“The fatigue is real,” Khawaja said. “The average CISO organisation is overwhelmed. They were overwhelmed before AI became a big thing.”
The industry has oversimplified AI adoption, treating it as a magical solution instead of understanding the operational and data engineering work required underneath it.
“If your data estate is fragmented, then getting value from data takes quite a bit of checking the boxes and prerequisites before you can get to the AI,” he said. “The teams making headway are the ones saying, ‘We’re going to get our data in order.’”
Khawaja pushed back on the growing belief that AI itself is the answer to cybersecurity. It is not a magic wand that you wave and the work is done.
“Our point of view is not that AI is going to solve it,” he said. “Data plus AI is likely the best defence.”
The distinction matters because many security problems still don’t require AI at all, he said. If the data is structured and predictable, traditional analytics often work better.
“If the problem doesn’t have ambiguity, variability, unstructured data, reasoning, or generation, chances are AI is probably not the right solution,” Khawaja said.
His comments come as enterprises face mounting pressure to justify AI spending after years of ‘aggressive vendor marketing’ and ballooning expectations.
Khawaja said many large organisations now admit they have not achieved the outcomes they had expected. “The majority feel like they did not make as much progress with their AI initiatives as they wish they would have by now,” he went on to say.
Still, he believes the slowdown is temporary.
Referencing “Amara’s Law”, the idea coined by futurist Roy Amara that people overestimate technology in the short term and underestimate it in the long term, Khawaja said the industry is now entering an inflection point.
“We’re feeling like, ‘Is this technology all that it’s cracked up to be?’” he said. “But organisations that look within and adapt their operating models for AI will make significant gains over the long term.”
The real problem, Khawaja argued, is scale.
Security teams no longer lack tools. Instead, they are drowning in complexity.
“What’s really hard is the fact that I have 300 SaaS vendors, multiple cloud providers, multiple regions, multiple tenants and continuous M&A activity,” he said. “The grand unifier across all of that is… data.”
That complexity is also driving another major shift across enterprise cybersecurity: consolidation.
Khawaja compared modern security programs to ‘overfurnished homes’. “For the longest time, you keep feeling like if you bought one more thing, your life would be closer to complete,” he said. “Then you realise the only way for the quality of your life to improve is by removing things.”
The same is now happening with security tooling, he said, as enterprises attempt to reduce operational drag and overlapping platforms. In the market, there is a massive movement towards a reduction in tool sprawl.
“Many organisations are now in that season where they actually need fewer tools,” Khawaja said. “They don’t need more tools.”
Even as startups continue flooding the cybersecurity market, Khawaja expects larger vendors and platforms to absorb more capabilities over time.
“Leaders are becoming more hesitant to work with smaller organisations,” he said. “The big players will likely get bigger.”
Khawaja also warned that enterprises remain deeply unprepared for the governance and security implications of agentic AI systems, especially because almost nobody has real-world experience operating them safely.
“There’s no one that has decades of experience with agentic AI,” Khawaja said. “People like me that have decades of experience are actually disadvantaged because we have assumptions baked into our psyche from deterministic technologies.”
In some cases, he said, younger workers may adapt faster because they have “nothing to unlearn.”









