
EP 22 — Databricks' Omar Khawaja on Why Inertia Is Security's Greatest Enemy
What if inertia — not attackers — is security's greatest enemy? At Databricks, CISO Omar Khawaja transformed this insight into a systematic approach that flips traditional security thinking on its head and treats employees as assets rather than threats.
Omar offers his T-junction methodology for breaking organizational inertia: instead of letting teams default to existing behaviors, he creates explicit decision points where continuing the status quo becomes impossible. This approach drove thousands of employees to voluntarily take optional security training in a single year.
There’s also Databricks' systematic response to AI security chaos. Rather than succumb to "top five AI risks" thinking, Omar's team catalogued 62 specific AI risks across four subsystems: data operations, model operations, serving layer, and unified governance. Their public Databricks AI Security Framework (DASF) provides enterprise-ready controls for each risk, moving beyond generic guidance to actionable frameworks that work regardless of whether you're a Databricks customer.
Topics discussed:
- The T-Junction Framework to systematically break organizational inertia by eliminating default paths and forcing explicit decision-making
- Human risk management strategy of moving to behavior-driven programs that convert employees from liabilities to champions
- A classification of 62 AI security risks across the data layer, model operations, serving layer, and governance, with specific controls for each
- Methods for understanding true organizational risk appetite across business units, including the "double-check your math" approach
- Four-component agent definition and specific risks emerging from chain-of-thought reasoning and multi-system connectivity
- Why "AI strategy" creates shiny object syndrome and how to instead use AI to accelerate existing business strategy
Information
- Show
- Published: September 18, 2025, 6:55 PM UTC
- Length: 32 min
- Episode: 26
- Rating: Suitable for all ages