The New CISO Ep. 145 - Eric O'Neill | Lessons From a Spy Hunter: The Real Cost of a Breach (Part 1)
What does it feel like to stand in the smoking ruin of a ransomware attack? In this episode, Steve Moore is joined by former FBI undercover operative Eric O'Neill—the man who helped capture Robert Hanssen—to explain why modern cybercrime is just traditional espionage repackaged, and why the dark web has quietly become the world's third-largest economy.
Eric traces his path from the FBI's counterintelligence trenches to founding NeXasure AI and writing cybersecurity books that read like spy thrillers. He and Steve unpack the staggering scale of cybercrime, which Eric predicts could reach $20 trillion in global GDP within years—a marketplace selling everything from ransomware kits to stolen credentials.
They dismantle the “it won't happen to me” mindset that still lingers in boardrooms. Eric describes how attackers use AI agents to scan for vulnerable systems, walks through how Scattered Spider socially engineered MGM in a ten-minute phone call, and explains why disabled MFA remains the leading point of failure for small and mid-size businesses.
Eric then unpacks the painful calculus of paying a ransom. He explains why the FBI says never pay, when OFAC sanctions make payment a federal crime, and why—even after paying—an organization must still do the same forensic, legal, and architectural work. Steve and Eric also detail how attackers resell access and treat victims as repeat customers.
The episode closes with a candid look at recovery. Eric and Steve explore why most companies fail at restoration, why rolling back to “before the attack” leaves the original flaw wide open, and why preparation always beats panic. Tune in for a part-one masterclass for any leader who thinks their organization is too small to be a target.
Key Topics
- How traditional espionage evolved into modern cybercrime
- The dark web as the world's third-largest economy
- Why every organization is a target, regardless of size
- The MGM ransomware attack and Scattered Spider's playbook
- Disabled MFA as the leading cause of SMB compromise
- Vulnerability assessments versus fire-time remediation costs
- The pay-versus-don't-pay ransomware calculus
- OFAC sanctions and the legal risks of paying
- Why restoring backups is not the same as recovery
- The how, where, why, what, and when of breach forensics
Guest Bio
Eric O'Neill is a former FBI counterintelligence operative, attorney, and bestselling author who helped bring down Robert Hanssen—the most damaging spy in FBI history. He is the founder of NeXasure AI and co-founder of The Georgetown Group, and his undercover work was dramatized in the film Breach. Eric is the author of Gray Day and Spies, Lies, and Cybercrime.
Connect with Eric on LinkedIn or at ericoneill.net.
ABOUT EXABEAM:
Exabeam is the leader in behavior intelligence for the agentic enterprise. As organizations deploy digital workers and confront machine-speed adversaries, Exabeam applies agent-powered analytics to understand and govern the behavior of both human and non-human insiders. With integrated Exabeam Nova cybersecurity agents, Exabeam delivers flexible, industry-proven solutions for insider threat coverage of humans and agents and faster, more accurate threat detection, investigation, and response (TDIR). As the pioneer of user and entity behavior analytics (UEBA) and the innovator behind Agent Behavior Analytics (ABA), Exabeam is trusted by more than 3,000 enterprises worldwide to reduce risk, secure the digital workforce, and accelerate security operations. Learn more at www.exabeam.com.
Exabeam: Real Intelligence. Real Security. Real Fast.
CONNECT WITH US:
X: https://x.com/exabeam
LinkedIn: https://www.linkedin.com/company/exabeam/
Blog: https://www.exabeam.com/blog/