Professor Ross Anderson is a SME on cyber and security engineering @ Cambridge University and is writing a new book. One chapter is an examination of the cyber sphere post-Snowden revelations; it is 32 pgs. and is free to view. The author invites comments and explains his purpose here:
Today I put online a chapter on Who is the Opponent, which draws together what we learned from Snowden and others about the capabilities of state actors, together with what we’ve learned about cybercrime actors as a result of running the Cambridge Cybercrime Centre. Isn’t it odd that almost six years after Snowden, nobody’s tried to pull together what we learned into a coherent summary?
Link to author's commentary:https://www.lightbluetouchpaper.org/...third-edition/ and his Wiki entry:https://en.wikipedia.org/wiki/Ross_J._Anderson

Link to published article:https://www.cl.cam.ac.uk/~rja14/Pape...-ch2-May16.pdf