While the author said it took 7 years to research (which I don’t doubt), I feel the tangential aspects : (1) architecting cyber crime, (2) designing processes, attack surfaces and teams of personnel and (3) minimizing risk. would have been good treatises to discuss. There was a minimal (chapter 53) but valuable discussion on what is being done to fight it/ what should be done.
The book is focused on the daily challenges of cybercrime from within the industry. While interesting, the discussion did not discuss the connection to the types of cybercrime, how they are developed, how they integrate with the different cybercrime communities, their tooling and how law enforcement seeks to penetrate, support or deny these existing and new efforts.