Collusion threat profile analysis: Review and analysis of MERIT model

The MERIT (Management and Education of the Risk of Insider Threat) model was developed based on the CERT/USSS Insider Threat Study (ITS). MERIT model is a system dynamics framework designed to model, understand and assist organizations to mitigate the risk of insider threat [1]. This model´s key findings and conclusions relies exclusively on the cases of individual threat agents. However, the reports of the CERT/USSS ITS on which MERIT was based, did examine some cases of collusion, and our examination of these reports shows that these cases presents different personal precursors from those identified in the MERIT model. We further investigated, by examining later ITS done by CERT/USSS and some independent, high profile internal fraud cases (such as WorldCom, Enron, Tyco fraud etc). These further investigations of collusion threat incidents also reveal different personal precursors as compared to individual insider threat incidents. This paper will present the limitations and shortcomings of MERIT model as well as the studies it was based and further argue that MERIT fails to cover a comprehensive pattern analysis (motivational factors and behavioural characteristics) of all forms of insider threat and in particular collusion threat.