When ransomware collusion pays millions, it completely breaks corporate salary incentives. How can compliance ever stop an insider threat when betrayal becomes the economically rational choice?