In light of the fast-paced digital transformation, this paper aims to examine the effectiveness and adoption of cybersecurity frameworks in higher education institutions (HEIs).
The methodological approach involved a systematic literature review that synthesized evidence from recent studies to classify and evaluate cybersecurity frameworks that are relevant to HEIs.
The study identifies three main types of frameworks, which are maturity and capability models, governance-based and collaborative structures, and technical and operational mechanisms. COBIT 5, Zero Trust and risk assessment models are frameworks that enhance institutional safety only when they are aligned with governance, resources, cultural norms and user experience. Persistent issues include fragmented adoption, minimal cooperation among educational institutions, and a preference for normative rather than alternative methods. Integrating ethical considerations and training with cognitive theory, as well as postincident learning mechanisms, are among the best practices.
The limited number of empirical studies focusing on HEIs and the geographic preference for developed areas restrict the impact of the findings presented in this review.
The results offer practical advice for HEIs to implement tailored, holistic cybersecurity frameworks that address resilience, collaboration and culture adaptation beyond just compliance.
HEIs should prioritize cybersecurity to protect their teaching, research and innovation, as well as intellectual capital and public trust.
This paper presents a methodical examination of cybersecurity management frameworks in HEIs, emphasizing both technical and socio-technical aspects, providing premise development for culturally sensitive and sustainable strategies.
