Next Article in Journal
Smart IoT-Based Temperature-Sensing Device for Energy-Efficient Glass Window Monitoring
Next Article in Special Issue
Wangiri Fraud Detection: A Comprehensive Approach to Unlabeled Telecom Data
Previous Article in Journal
Edge-to-Cloud Continuum Orchestrator Based on Heterogeneous Nodes for Urban Traffic Monitoring
Previous Article in Special Issue
A Resilient Deep Learning Framework for Mobile Malware Detection: From Architecture to Deployment
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Future Internet
Volume 17
Issue 12
10.3390/fi17120575
futureinternet-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Systematic Review

Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions

by
Oladele Afolalu
* and
Mohohlo Samuel Tsoeu
Department of Electronic and Computer Engineering, Durban University of Technology, Durban 4001, South Africa
*
Author to whom correspondence should be addressed.
Future Internet 2025, 17(12), 575; https://doi.org/10.3390/fi17120575
Submission received: 15 November 2025 / Revised: 8 December 2025 / Accepted: 12 December 2025 / Published: 15 December 2025
(This article belongs to the Special Issue Cybersecurity in the Age of AI, IoT, and Edge Computing)
Browse Figures
Versions Notes

Abstract

Higher education institutions (HEIs) are increasingly becoming vulnerable to cyberattacks as they adopt digital technologies to support their administrative, research and academic activities. These institutions, which typically operate in open and decentralized environments, face serious challenges as a result of the growing complexity of cyberattacks such as phishing, ransomware and data breaches. This systematic review synthesizes existing literature on cybersecurity in HEIs, identifying key challenges, emerging solutions and current trends. The review analyses the adoption of advanced technologies such as zero trust architectures (ZTAs), artificial intelligence (AI)-driven security and cloud-based systems. Furthermore, it investigates the underlying causes of cybersecurity vulnerabilities, including fragmented security procedures, lack of proper awareness about cybersecurity among users and associated technology gaps. The review also examines how governance frameworks, institutional policies and the incorporation of state-of-the-art security technologies can significantly mitigate these threats. Findings reveal that considerable progress has been made by some institutions in implementing security measures. However, comprehensive cybersecurity plans that integrate technological solutions with a robust institutional culture of cybersecurity awareness are still critically needed. The review concludes by highlighting the need for HEIs to collaborate and foster institution-wide partnership to strengthen cybersecurity measures. Finally, an in-depth study into the strategies and best practices for handling emerging cyberthreats in the HEIs is recommended.

1. Introduction

Cybersecurity has become a major concern for both individuals and organisations due to the tremendous rise in cyberthreats, driven by world’s rapid digitalization. Activities related to academics, research and administration have all been revolutionized by the ubiquitous digital transformation in higher education institutions (HEIs) [1,2,3]. However, this digital shift has also heightened exposure to cybersecurity threats, posing significant risks to sensitive data, intellectual property and institutional reputation. The uniqueness of HEI environments has continually predisposed them as attractive targets for cyberattacks. This is characterized by diverse user populations, open access policies and reliance on cutting-edge technologies. The diversity of stakeholders in HEIs, including students, faculty, researchers and administrators, further complicates the cybersecurity landscape. The risk of data breaches and unauthorized access has increased since these groups regularly interact with institutional networks from different devices and locations. The migration to cloud-based systems by respective HEIs and adoption of hybrid work patterns, with limited cybersecurity planning, has further contributed to the worsened situation of these vulnerabilities. In addition, the use of remote learning technologies during and after the COVID-19 pandemic has also exacerbated the cybersecurity landscape in HEIs [4]. Therefore, the increasing sophistication of cyberattacks, such as ransomware, phishing and data breaches, has underscored the urgent need for HEIs to not only implement robust technical solutions but also foster a culture of cybersecurity awareness.
To address these vulnerabilities, an in-depth understanding of the trends and challenges in cybersecurity is required. Notwithstanding this increasing demand, research on cybersecurity incidents specific to HEIs remains fully unexplored. The majority of the existing studies concentrate on limited areas of technology, user behaviour or institutional regulations. Currently, emerging cybersecurity measures such as intrusion detection and prevention systems (IDPSs) [5], zero trust architectures (ZTAs) [6,7] and artificial intelligence (AI)-driven threat detection [8,9] are increasingly being implemented in HEIs. While these interventions have shown promise, their adoption is often hindered by budgetary constraints, insufficient technical expertise and organisational resistance to change. Additionally, the demand for HEIs to implement proactive and flexible security measures is further heightened by the rapid evolution of cyberthreats, such as ransomware. These recurrent ransomware attacks quite often target critical academic infrastructure.
This Systematic Literature Review (SLR) aims to systematically analyse the current state of cybersecurity, identifying key trends, challenges and effective countermeasures. Furthermore, it will explore the factors contributing to cybersecurity risks in these institutions. Similarly, the SLR examines the role of technology in mitigating these risks and the broader organisational and policy measures required to enhance overall cybersecurity posture. The findings from this paper will provide a comprehensive understanding of the cybersecurity landscape in HEIs, offering valuable insights for policymakers, IT professionals and academic leaders seeking to strengthen the security of their digital infrastructures. By synthesizing existing research, this review provides actionable insights for stakeholders in HEIs and highlights areas for future research. The detailed objectives and contributions of this SLR are as follows:
  • To identify and analyse current cybersecurity trends in HEIs. The SLR specifically seeks to explore the adoption of emerging technologies and the impact of digital transformation on the cybersecurity landscape of HEIs.
  • To investigate the effectiveness of cybersecurity interventions and assess the impact of technical measures such as IDPSs, ZTAs, cloud computing, AI and remote learning on enhancing cybersecurity resilience.
  • To understand the challenges faced by HEIs in cybersecurity implementation, particularly how the open and collaborative nature of HEIs influences their vulnerability to cyberthreats. The SLR further explores the organisational, technical and financial barriers to effective cybersecurity management.
  • To provide actionable insights, best practices and recommendations for addressing cybersecurity risks in HEIs. The recommendations highlight future research areas and propose strategies for overcoming barriers, with the aim of advancing and improving the cybersecurity postures of HEIs.

2. Background—Overview of Related Literature

Undoubtedly, HEIs play a critical role in society as centres of learning, research and innovation. With vast amounts of sensitive data, including intellectual property, student records, research outputs and financial transactions, HEIs are prime targets for cyberattacks [10]. The rapid digital transformation of educational environments, including the adoption of cloud services [11], online learning platforms [12] and Internet of Things (IoT) devices [13], has expanded the attack surface, exposing institutions to diverse cybersecurity risks.
Cybersecurity has been a serious problem ever since computer technology was no longer just the domain of major research institutions. As local and global networks proliferate, so also do the awareness of cybersecurity and the associated issues, challenges, tasks and trends. The authors of [14] proposed an approach that ensured a generalized cybersecurity of HEIs without taking into account certain elements or individual aspects of the environment. The approach formed the basis for the proper information and functioning process to ensure the cybersecurity status of HEIs. The methodology employed the approach of functional modelling and graphical display of IDEF0 processes, with the main goal of constructing a high-level context diagram to achieve the set goal. However, the paper did not incorporate a refining feature selection process, which is critical to identifying cybersecurity risk indicators.
One way to identify the risk indicators is to use unsupervised machine learning (ML) to explore the risk of cybersecurity breaches in HEIs, as demonstrated in [15]. The study compares HEIs empirically while directly examining the ML approach, its underlying theories, benefits and limitations. The sample selection process involves using a dataset comprising 848 records from educational websites, created by analysing publicly available data from U.S. HEIs. Due to the emphasis on the analysis of specific college sites, larger entities produced many entries, mainly because of the distinct data provided by each campus. In the dataset, more than 4000 elements, such as URLs, XML embeddings and different HTTP scripts, recognized as possible cybersecurity indicators, were featured. Purposive sampling was used at first to ensure that medium-sized public and private universities from various states were fairly represented; thereafter, random sampling was applied. The results showed that different institutions in the sample had a wide variety of security postures. The “control” function provided insight into how risk factors were aggregated, allowing for a more focused approach to cybersecurity improvement.
Owing to the popularity of online courses, cybersecurity continues to face a series of challenges and difficulties related to technology problems and interaction among learners/instructors. In [16], the authors investigated these concerns using a mixed-methods qualitative approach, from data gathered in two phases amongst post-graduate students participating in full-time online cybersecurity programmes. In the first stage, a group of post-graduate cybersecurity students participated in a workshop where qualitative data were collected to assess their level of learning and satisfaction with online education. The second phase involved obtaining qualitative input on students’ opinions and experiences with online cybersecurity programmes. Thereafter, they administered a questionnaire comprising both closed-ended and open-ended questions. This helped to identify prevalent problems and then proffer a strategic solution to develop a reliable online cybersecurity learning programme.

3. Methods

The review is conducted based on the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) statement [17]. It encompasses cybersecurity-related research in HEIs published between 2015 and 2025. Due to the enormity of published papers in reputable journals, papers published within the last 10 years were considered, focusing on peer-reviewed articles, industry reports, and security advisories from recognized institutions. Therefore, it is imperative to meticulously approach the reporting process with strong adherence to established guidelines, provided by PRISMA. PRISMA is a useful framework that offers researchers a comprehensive checklist for reporting SLRs transparently. PRISMA was published in 2009 and consists of 27 items that outline the essential sections and flow diagrams to include in a systematic review report. These items comprise various aspects, including the databases utilized to identify relevant studies, the reasons behind conducting the review, the findings of meta-analyses conducted and the implications derived from results of the reviews. By adhering to the PRISMA guidelines, researchers can ascertain that all important aspects of their study are included to enable readers to comprehend the results. This study is registered with protocols.io, available at https://www.protocols.io/private/CE60631EC5F411F0BB2E0A58A9FEAC02 (accessed on 20 November 2025). The full PRISMA checklist is provided in the Supplementary Materials. Institutional review board approval was not required since the nature of the study did not involve any human or non-human subjects, and there was no direct interaction or intervention with individuals or animals.
To ensure comprehensive coverage of the literature on cybersecurity in HEIs, searches were conducted across major scholarly databases, namely SpringerLink, IEEE Xplore, Scopus and Google Scholar. The search string included combinations of controlled vocabulary and free-text keywords related to “cybersecurity” OR “information safety” AND “cloud computing” OR “digital transformation” AND “current trend” AND “HEIs”. The search was conducted across all databases on 7 March 2025. Initially, a total of 20,205 records were found and filtered to ascertain that only related and appropriate literature on the topic was discussed. All retrieved records were first processed to remove duplicates and non-scholarly items and documents outside the 2015–2025 time frame, reducing the dataset substantially. Titles and abstracts were then screened using predefined inclusion criteria: (i) explicit relevance to cybersecurity within HEIs; (ii) discussion of cybersecurity challenges, solutions, frameworks, or institutional impacts; (iii) publication in peer-reviewed outlets; and (iv) availability of full text. Studies were excluded during this phase if they focused on general cybersecurity without an HEI context, addressed K–12 or non-academic institutions, lacked empirical or conceptual grounding, described works lacking AI technical security perspectives or presented insufficient methodological detail. Full-text eligibility screening was subsequently applied to the remaining studies. Records were excluded at this stage for reasons such as inadequate contextual relevance, wrong population, insufficient data quality, absence of cybersecurity analysis, or being purely opinion-based without actionable insight.
After applying all inclusion and exclusion criteria, 59 research papers were selected for discussion. Further details on quality assessment, data extraction and data synthesis based on PRISMA guidelines are presented in Section 3.3, Section 3.4 and Section 3.5, respectively. The full screening workflow, including specific reasons for exclusion at each stage, is summarized in the PRISMA flow diagram shown in Figure 1. Major concerns on the current trends and challenges of cybersecurity in HEIs can be resolved with the proposed solutions. Hence, this SLR has been conducted to meet the research objectives through the following questions.

3.1. Research Questions

  • RQ1—What are the most prevalent threats, vulnerabilities and current trends in cybersecurity practices within HEIs?
  • RQ2—How effective are HEIs adapting to cybersecurity interventions and emerging trends such as IDPS, ZTA, cloud computing, AI and remote learning in mitigating cyberthreats?
  • RQ3—What are the primary challenges, including budgetary constraints, resource limitations and organisational policies, impacting HEIs from implementing and maintaining robust cybersecurity measures?
  • RQ4—What are the best practices for strengthening cybersecurity in HEIs, and key areas for future research to address unresolved challenges and emerging threats?
These research questions and objectives aim to provide holistic understanding of the cybersecurity ecosystem in HEIs, offering practical and theoretical contributions to addressing the unique challenges in this sector.

3.2. Eligibility Criteria

The eligibility criteria for the systematic review are defined using the PICOST approach [18], which incorporates Population, Intervention, Comparison, Outcome, Study Design and Time Frame. Table 1 illustrates the inclusion and exclusion criteria, targeting solely cybersecurity trends and challenges in HEIs.
These criteria ensure that the systematic review is focused, comprehensive, and relevant to understanding the current state of cybersecurity in HEIs.

3.3. Quality Assessment

To evaluate the methodological rigour and reliability of the 59 included studies, we conducted a structured critical appraisal using the Joanna Briggs Institute (JBI) Critical Appraisal Tools. The JBI suite was selected because it provides design-specific checklists. This is suitable for the diverse study types present in cybersecurity research within HEIs. Based on independent assessment by reviewers, studies were classified into three quality categories based on their total score:
  • High quality (≥80%).
  • Moderate quality (60–79%).
  • Low quality (<60%).
A full summary table of quality assessment results for all 59 studies is provided in Table A1 (Appendix A). The quality ratings were used to contextualize the findings presented in the Discussion (Section 5). Greater interpretive weight was placed on studies rated high or moderate quality, while findings from low-quality studies were interpreted cautiously due to potential methodological limitations.

3.4. Data Extraction

A structured data extraction form was developed to ensure consistency and completeness during the review process. For each of the 59 included studies, data were extracted independently by the authors using predefined variables aligned with the review objectives. The extracted data points are detailed in Table 2.

3.5. Data Synthesis

A narrative thematic synthesis approach was used to integrate findings from the 59 included studies. This method is appropriate for heterogeneous research designs and allowed the analysis to capture both conceptual and empirical insights relevant to cybersecurity in HEIs. The synthesis proceeded in three stages:
  • Initial Coding: Key statements, findings, challenges and proposed solutions were extracted from each study. Codes were assigned inductively, based on recurring security issues (e.g., phishing, ransomware, governance failures), technological themes (e.g., intrusion detection, access management) and institutional factors (e.g., user awareness, policy maturity).
  • Theme Development: Codes were grouped into broader thematic categories that reflected patterns across studies. Major themes included
    • Prevailing cybersecurity threats in HEIs;
    • Institutional vulnerabilities;
    • Technical and administrative countermeasures;
    • Human-centric factors;
    • Governance and compliance issues;
    • Capacity-building and training needs.
  • Integrative Synthesis: Themes were analysed to highlight relationships, gaps and divergences among the studies. This stage produced an integrative interpretation of how challenges and solutions intersect within HEI environments, allowing the findings to be consolidated into a coherent framework. These are presented in the Discussion (Section 5) and Findings (Section 6).

3.6. Limitations

This review has several limitations that should be acknowledged to contextualize its findings. First, the search strategy was restricted to publications available up to 2025. This implies that more recent cybersecurity trends, threat landscapes or institutional practices emerging after this date may not be captured. Moreover, only studies published in English were included. This may have excluded relevant contributions from non-English-speaking regions, especially considering the global nature of cybersecurity issues in HEIs. In addition, the review did not include grey literature such as blog posts, white papers, non-academic sources or unpublished assessments. While this decision ensured methodological consistency and reliance on peer-reviewed sources, it may have limited insights into practical, institution-specific cybersecurity practices. Despite these limitations, the review offers a comprehensive and structured overview of cybersecurity challenges and solutions in HEIs. Hence, it identifies key thematic patterns that can inform future research and policy development.

4. Motivation

The motivation of this SLR arises from the need to provide a comprehensive analysis of the current trends and challenges in cybersecurity within HEIs. By synthesizing existing literature, it seeks to identify gaps and evaluate the effectiveness of existing interventions. Ultimately, the SLR proposes actionable recommendations to enhance the cybersecurity posture of these institutions.

5. Discussion

5.1. RQ1—What Are the Most Prevalent Threats, Vulnerabilities and Current Trends in Cybersecurity Practices Within HEIs?

Due to reliance on digital technologies for administrative, research and instructional purposes, HEIs are increasingly becoming targets of cyberattacks. These institutions are especially susceptible to cyberthreats as a result of the volume of sensitive data they handle, their open network structures and their wide access to academic resources [19]. Among the threats frequently facing HEIs are data breaches, ransomware, distributed denial-of-service (DDoS) attacks and phishing [20,21]. These threats have the potential to impair operations, compromise institutional and personal data, and harm reputations. HEIs are vulnerable for variety of reasons. The decentralized nature of many academic institutions, with departments or research units functioning independently, often results in inconsistent cybersecurity practices across campuses.
Additionally, the diversity of users, including faculty, staff and students, creates challenges in enforcing security guidelines and guaranteeing that all individuals adhere to best practices. Many HEIs also lack sufficient cybersecurity awareness and training, leaving users susceptible to common attacks such as phishing [22,23]. Efforts to overcome these risks are reflected in the current trends in HEI cybersecurity practices. Advanced security technologies such as multi-factor authentication (MFA), encryption tools and intrusion detection systems (IDSs) are more often being adopted by institutions [24,25,26]. Nonetheless, there is a growing understanding that technical solutions are inadequate. Many HEIs are embracing a more holistic strategy that incorporates robust cybersecurity policies, regular training sessions and partnership with external cybersecurity experts.
Furthermore, the COVID-19 epidemic has propelled implementation of cloud services and remote learning platforms. This creates new security concerns that necessitate continuous adaptation to emerging threats. Hence, HEIs must continue to be agile in addressing the human and technical factors of cybersecurity risks as the digital landscape evolves. Moreover, they must ensure that their security policies keep up with the increasing complexity of cyberthreats. For instance, ref. [27] identified the classes and prevalence of threats and their major impacts on HEIs. The study was necessitated by the risk associated with migration to online learning platforms due to the outbreak of COVID-19. Accordingly, some of the key technologies that allow remote work and study include Learning Management Systems (LMSs) [28], cloud computing and Video Conferencing Applications (VCAs) [29,30,31].
The use of LMSs became more prominent during and after the pandemic, although they were also in use before. Therefore, most courses that incorporated different types of activities such as lessons, seminars and practical work were created. For an online platform to deliver quality services, it must fulfil basic principles of integrity, availability, confidentiality and information security. Each of the aforementioned principles can be compromised, either through unsecured communications caused by permitting transmission of unencrypted traffic or using unsecured application protocols such as HTTP [32]. Other sources of attack are improper management of active sessions, unauthorized authentication, information leakage, insecure direct object reference and DDoS flooding, which prevent service access to authorized users.
Additionally, studies have shown that factors such as gender, age and technical experience significantly influence the susceptibility of individuals to spam and phishing attempts [33,34,35]. To this end, ref. [33] designed a study to investigate how these and other factors determine cybercrime vulnerability amongst a sample of university students. The factors include cybercrime awareness, IT competence, gender, type of crime and perceived Internet safety. Study participants were exposed to a variety of fake emails sent from the web server of the study team, and their responses to these scams were monitored. The idea of involving university students provided the benefit of employing a single institutional Internet service, which could also monitor actual spam incidents. Thus, ethical concerns associated with an open or public sample can be prevented. Initial analysis from all the variables showed that first-year and international students were much more likely to fall victim to scams than domestic and second-year students. Further analysis with a Generalized Linear Model (GLM) demonstrated consistency with the initial findings. The study concluded that student status and year of study showed a stronger correlation with the likelihood of scam deceit.

5.2. RQ2—How Effective Are HEIs Adapting to Cybersecurity Interventions and Emerging Trends Such as IDPS, ZTA, Cloud Computing, AI and Remote Learning in Mitigating Cyberthreats?

As discussed earlier in RQ1, the risk of cyberattacks is on the rise as HEIs increasingly adopt digital tools and remote learning environments, which calls for strong cybersecurity measures. The approaches of these institutions towards cybersecurity are changing as a result of the transition to remote learning and emerging technologies such as cloud computing, AI, ZTAs and IDPSs [5,6,7,8,9]. While ZTAs place a strong emphasis on stringent access controls and verification processes, assuming no trust by default, IDPS technologies offer the possibility of real-time threat detection and response. Cloud computing offers both benefits and risks for handling sensitive data due to its scalability and flexibility. On the other hand, AI is constantly used to automate cybersecurity procedures and for advanced predictive threat detection. This is largely due to remote learning platforms requiring stronger protection against unauthorized access and data breaches.
Understanding the effectiveness of these interventions is essential for protecting academic environments and preserving the integrity of educational data. This is very important, as educational institutions worldwide continue to incorporate state-of-the-art digital technologies. Hence, this research question will critically review and assess the impact of these technologies in mitigating the growing cyberthreats faced by HEIs.
By utilizing AI, HEIs can reduce response times while maintaining a high standard of cybersecurity. In [36], the author conducted a study to understand attempts made by HEIs to evaluate their policies and practices in addressing cybersecurity as different technologies evolve. Generally, traditional security methods identify threats by relying on signatures and other signs of compromise. However, this approach may work against already identified threats, while it may not be effective against threats that are yet to be discovered. Based on findings in [36], 90% of attacks can be detected with the use of signature-based techniques. Hence, it was concluded that AI can increase threat detection rates by 95% in HEI environments.
Several other works have studied the effectiveness of AI/ML in preventing cyberattacks in HEIs [37,38,39,40]. For example, ref. [37] suggested leveraging analytical automation of model building in ML to detect human factor risk and intrusion. Conversely, ref. [38] proposed application of ML schemes for ransomware network traffic detection. Sophisticated models based on blockchain [39] and deep learning [40] techniques for cyberattack detection are also explored to prevent vulnerability in HEIs networks. Nonetheless, the implementation of AI for cybersecurity enhancement still requires some level of control to exploit its benefits which outweigh the disadvantages.
In the same vein, the introduction of the IDPS and its variant, the Host Intrusion Detection System (HIDS), in various HEI platforms has proved to be an effective technological countermeasure to addressing cyberthreats. These systems offer defence-in-depth protection to complement the role of firewalls in providing significant enhancement to detection performance. In addition, the technologies support key roles such as enhanced automation of deterministic steps, algorithm robustness and efficient monitoring of human–machine behaviour [41].
The adoption of state-of-the-art security solutions is essential to safeguarding resources where threats are continually evolving and significantly endangering the reputation of organisations. Therefore, integrating ZTAs into learning and information in HEI environments will preserve the quality of records and data and prevent recurrent cyberattacks [42]. The principle of “never trust, always verify” and separation of trust from location distinguishes ZTA from traditional security models. While trust is often location-dependent in traditional set-ups, the ZTA framework in contrast assumes that network location is not always indicative of trustworthiness [43,44]. This rule is enforced in ZTAs through strict authorization and authentication processes to grant network access control [45].
Lately, the advent of cloud computing in changing how computer resources are accessed, managed and delivered has contributed significantly to addressing cybersecurity challenges in HEI digital spaces. In addition, different cloud service providers (CSPs) continuously invest in state-of-the-art security technology. This is to ensure that the infrastructure and services leased out to cloud computing users, including HEIs, meet safety requirements and prevent cloud environments from cyberattacks. The security schemes include IDPSs, Identity and Access Management (IAM) and encryption [46]. Other concerns such as system diversity, confidentiality and system volatility can further be addressed via federated learning [47].

5.3. RQ3—What Are the Primary Challenges, Including Budgetary Constraints, Resource Limitations and Organisational Policies, Impacting HEIs from Implementing and Maintaining Robust Cybersecurity Measures?

The majority of HEIs face significant challenges in implementing and maintaining robust cybersecurity measures, primarily due to budgetary constraints, resource limitations and organisational policies. They often operate under tight financial conditions, making it difficult to allocate sufficient funds for extensive cybersecurity measures. Moreover, many institutions are overwhelmed by the high cost of modern security technologies, continuous monitoring systems and skilled cybersecurity professionals. This budgetary constraint exposes critical systems to cyberthreat vulnerability.
Generally, cybersecurity measures are expensive, involving large expenditures for both software and hardware solutions. In addition, it is important to have qualified personnel to monitor and maintain security systems. However, HEIs frequently have financial constraints. Also, funding for cybersecurity may have to contend with other institutional priorities, including research projects, academic programmes and campus facilities [48]. According to [49], many institutions only allocate a small percentage of their budgets to cybersecurity, which usually falls short of what is needed to confront evolving cyberthreats. Hence, inadequate funding and budgetary constraints may hinder HEIs’ ability to adequately train employees or implement cutting-edge security measures, making them vulnerable to cyberattacks.
Beyond insufficient budgetary provision, HEIs are confronted with severe resource limitations when it comes to the deployment of sustainable cybersecurity strategies [41]. Due to the complexity of modern cybersecurity occurrences, a multidisciplinary strategy involving experts in threat analysis, network security, incident response and system architecture is required. Unfortunately, the competitive market for highly skilled manpower poses great difficulty to many HEIs to attract and retain talented cybersecurity personnel. Additionally, maintaining strong security systems and efficiently responding to emerging threats are exacerbated by a shortage of well-trained cybersecurity teams. This challenge is further caused by the overstretching of available IT professionals across multiple institutional operations. Consequently, HEIs and certification bodies are encouraged to foster flexible cybersecurity education, in the form of subsidized training, research and certification [50].
Organisational policies and cultural challenges within HEIs can also hinder the adoption of comprehensive cybersecurity measures [41]. Moreover, the decentralized IT structures operated by many institutions allow faculties or departments control over their own cybersecurity systems and protocols. This decentralization often makes it difficult to deploy all-encompassing institution security measures, which may result in unreliable security practices. Furthermore, there is frequently a cultural barrier in academia that places more value on transparency and academic freedom than on the implementation of more stringent security standards. Hence, the emphasis on “openness” in educational institutions may clash with the requirement for strict threat monitoring systems, data security protocols and access control [51]. Consequently, HEIs may become more vulnerable to cyberattacks as they continue to be confronted with cultural opposition to hierarchical regulations. Therefore, adoption of stricter security procedures will be impeded.
Likewise, HEIs must contend with the challenges of adhering to a number of cybersecurity laws and regulations. These include laws pertaining to data protection, such as the Family Educational Rights and Protection Act (FERPA) in the United States and the European Union’s constituted General Data Protection Regulation (GDPR) [52,53]. Ensuring compliance can be difficult, especially for institutions that handle enormous data volumes, such as academic records and personally identifiable information (PII). A breach in compliance can lead to loss in students’ confidence, damaged reputation and legal repercussions.
HEIs recognize the importance of cybersecurity in securing institutional infrastructure and academic data. However, they encounter several obstacles in putting strong cybersecurity measures in place and keeping them up to date. The aforementioned budgetary constraints, resource limitations and organisational policies will continue to influence the effectiveness of cybersecurity strategies in HEIs. Thus, a more comprehensive strategy by HEIs to address these challenges will involve greater allocation of adequate resources, in terms of sufficient funding. Also, they should engage skilled professionals and cultivate an environment that strikes a balance between the necessity of cybersecurity and the principles of academic freedom and transparency.

5.4. RQ4—What Are the Best Practices for Strengthening Cybersecurity in HEIs, and Key Areas for Future Research to Address Unresolved Challenges and Emerging Threats?

Possession of extremely valuable research data, huge digital infrastructure and open-access policy by HEIs often exposes them as prime targets for cyberthreats. These sensitive assets require a multi-layered approach to protect. Some of the best practices to strengthen cybersecurity include adopting a ZTA framework, implementing strong IAM, boosting incident response capabilities and creating cybersecurity awareness through training initiatives [42,46]. Due to the increasingly sophisticated and dynamic nature of cyberthreats in recent times, proactive and innovative cybersecurity strategies are needed to mitigate the trend.
The implementation of robust IAM systems is one of the fundamental strategies for enhancing cybersecurity in HEIs. The adopted techniques involve strict password regulations, MFA and the principle of least privilege, which guarantee that only authorized users have access to sensitive resources [54]. With MFA, users are authenticated only after providing two or more pieces of proof to confirm their identity before being granted access to the system. In HEI contexts, MFA functions well because when numerous authentication attempts are performed, account owners are notified. Moreover, fraudsters often do not possess more than one set of login information. Thus, modern ransomware risks can be effectively countered [41]. Additionally, IAM systems play a significant role in controlling user identities across various platforms used for administrative and academic purposes. Typically, HEIs operate an increasingly decentralized and hybrid nature of teaching, research and administrative tasks. Hence, there is a need to integrate an architecture that continuously performs identity verification of the user and device and enforces strict access controls.
Mitigating the effects of a cyberattack requires effective incident response practices. These plans should be assessed and updated often to guarantee preparedness for ransomware attacks, data breaches, and other cyber events. Also, HEIs should set up a specialized cybersecurity response team that can rapidly identify and eliminate threats. Adequate attention to campaigns in the form of training and awareness for students, staff and faculty are necessary to foster a culture of cybersecurity [48]. The training programmes are expected to cover several aspects of secured use of HEI applications and systems, safe data handling and phishing prevention practices. Ultimately, human errors, which constitute the leading cause of security breaches, can significantly be reduced by engaging the campus community in the area of cybersecurity awareness.
The constantly evolving cybersecurity threats and the rate of information sharing amongst HEIs, private-sector establishments and government agencies require active participation, particularly in threat intelligence networks to stay up to date on the latest security and attack vectors. It also entails having proper knowledge of the scope and scale of cyberthreats to assist in developing effective cybersecurity strategies. Due to the rising sophistication and complexity of the threats, the developed approach can either be adaptive or proactive, using both qualitative and quantitative methods [55]. Understanding how these threats are evolving and putting strong cybersecurity measures in place will help HEIs safeguard their resources. Thus, the security of the digital ecosystem as a whole can be improved.

6. Findings and Effectiveness of Cybersecurity Approaches in HEIs

In Section 5, various cybersecurity implementations intended to mitigate risks have been highlighted. Evaluating the findings and effectiveness of these strategies is crucial in understanding their impact on enhancing institutional resilience, reducing cyberthreats and safeguarding sensitive information. Research shows that AI-driven systems improve threat detection capabilities, while IAM and zero trust methods improve access control [42,46]. As a guide to protection against cyberattacks, HEIs are encouraged to apply the cybersecurity principles created by the National Cyber Security Center (NCSC) [56], as shown in Figure 2. Other dedicated frameworks developed to protect information against cyberattacks and mitigate vulnerabilities in IT infrastructure include the National Institute of Standards and Technology (NIST) cybersecurity framework (CSF) [57] and ISO27001 [58,59].
However, the dynamic nature of cyberattacks, cloud security susceptibilities and insider threats necessitate regular review and advancement of existing techniques. Hence there is a need to explore the efficiency of these cybersecurity approaches in HEIs, focusing on the merits, limitations and potential areas of improvement. Table 3 presents a summary of current and potential future research directions of cybersecurity interventions discussed in this SLR.

6.1. Integration of AI and ML in Cybersecurity

Detecting current-generation malware and cyberattacks using traditional cybersecurity methods might be challenging. The capability to identify and address cyberthreats has been greatly improved by the incorporation of AI and ML into cybersecurity. Since most cyberattacks evolve with time, more aggressive strategies are required. In most cases, ML-based solutions address these security issues by relying on information from earlier cyber incidents to prevent more recent ones. The systems are designed such that they can respond to adverse events rapidly and independently without incurring any error while executing the task.
The transformative impact of AI and ML technologies to analyse huge data volumes through complex automation for real-time defence against threat in cybersecurity was discussed in [60]. The authors of [61] provided a comprehensive survey on the application of AI and ML to analyse big data sets. This data analysis constitutes a crucial step in identifying and detecting different shades of cyberattacks for enhanced security posture. Several other research works have been conducted on the adaptive ability of AI and ML to study and learn new algorithms to counter cyberattacks as they evolve [62,63,64,65]. These features have distinguished AI and ML as promising technologies in cybersecurity for safeguarding digital information generally and HEIs in particular.

6.2. Cloud-Based Cybersecurity Implementation

Cloud computing is relevant to cybersecurity due to its ability to address critical concerns and improve security posture in the digital age. One of the main benefits of cloud computing is the strong security features provided by reputable CSPs [66,67]. Through the CSPs, users can access variety of computer resources such as servers, applications, networking and storage, without having to pay for infrastructure or hardware upfront [68]. In addition, prominent CSPs commit significant investments in cutting-edge security architectures, technologies and skills to defend their cloud environments against online attacks. These security protocols include IAM, IDPSs, network segmentation, encryption and continuous security assessments. Various HEIs can leverage the agility offered by cloud computing to quickly respond to evolving cybersecurity threats. These also include demand to deploy additional security measures in response to new threats.
Migrating to the cloud offers tremendous benefits. However, the advantages are often impacted by the budgetary constraints and resource limitations constantly experienced by HEIs, as highlighted earlier in RQ3. This advantage leverages advanced technologies and security solutions that may be complex or expensive to deploy within campus premises. Most of the strategies include automated security orchestration and remediation tools, threat detection and response, disaster recovery solutions and cloud-based backup [47]. Therefore, exhaustive approaches such as regular assessment, strategic planning, strong security checks and compliance with industry best practices are needed to implement cloud-based cybersecurity solutions. Following these practices will enable HEIs to adopt cloud-based cybersecurity systems for onward protection over data, assets and different cloud-based operations.

6.3. Technology, Institutional Governance and Policy Interplay in Cybersecurity

In HEI environments, tremendous amounts of information are collected about their faculty, staff and students. A lot of data is gathered right from the moment students apply for admission, or even before their applications are submitted. At the same time, students’ use of library resources, learning management systems and a whole lot of extra-curricular activities are just a few of the data points monitoring their academic journey. Hence, these sensitive activities require robust data governance systems, managed by HEIs to ensure that issues regarding students’ security and privacy are resolved [36]. To this end, HEIs’ leadership must recognize IT governance as an integral part of cybersecurity, such that it becomes the focus of the entire institution, not solely the responsibility of the IT department [69,70].
In addition, establishing a privacy management system can greatly assist the institutions in performing audits of compliance level while also setting privacy rules for the purpose of tracking breaches of sensitive personal data. As part of the institutional governance procedure, three basic steps must be followed [36]. Firstly, HEIs must implement MFA/SSO, prioritize student data protection and enforce adoption of strong password policies and standards. Secondly, informed consent should be given by HEIs on the type of data collected and how it is used and protected, including other healthy tasks performed on them. Finally, HEIs should launch regular cybersecurity reports in the form of information awareness campaigns. The aim is to keep all users up to date on latest security measures and various ways to identify potential attacks.
Table 3. A structured illustration of a cybersecurity framework in HEIs presented in this SLR.
Table 3. A structured illustration of a cybersecurity framework in HEIs presented in this SLR.
CategorySub-CategoryDescriptionCurrent TrendsChallengesSolutions
Cybersecurity ThreatsMalware RansomwareMalicious software that disrupts or lacks access to institutional data.Increasing incidents of ransomware attacks targeting university systems.Lack of awareness and insufficient user training on phishing and malware.Implement multi-factor authentication, educate staff, and use endpoint security tools [45,54].
PhishingFraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity.Growing sophistication in phishing tactics, especially spear-phishing targeting students and staff.Difficulty in differentiating legitimate communications from phishing attempts.Regular training, email filtering tools, and simulated phishing exercises for staff and students [23,33,35].
Insider ThreatsCyberattacks originating from within the institution (e.g., disgruntled employees or students).Rise in insider threats due to increased digital access.Lack of strict access controls and monitoring.Implement least-privilege access, conduct regular audits, and invest in monitoring systems [54].
Cybersecurity FrameworksNISTThe National Institute of Standards and Technology’s framework for improving critical infrastructure cybersecurity.NIST Cybersecurity Framework (CSF) increasingly adopted by universities.Complexity of applying NIST CSF due to resource constraints in universities.Develop a cybersecurity roadmap, align with NIST CSF, and train personnel to manage frameworks [57,58].
ISO/IEC 27001The international standard for information security management systems (ISMSs).Growing adoption of ISO/IEC 27001 in universities is to ensure compliance with data protection laws.Difficulty in full certification due to budget constraints.Create a phased implementation plan, seek third-party guidance, and align ISMSs with university priorities [24,46,58,59,71].
Data Privacy and ProtectionGDPR ComplianceAdherence to the General Data Protection Regulation for handling student and staff data.Increased pressure on universities to comply with GDPR, especially with international students.Challenges in ensuring comprehensive data protection and audit trails across diverse systems.Implement data encryption, anonymize student records, and integrate GDPR compliance in institutional policies [53].
FERPAThe Family Educational Rights and Privacy Act, governing the privacy of student education records in the U.S.FERPA compliance remains a top priority, especially with cloud-based services.Mismanagement of access controls to student records and data.Conduct regular FERPA training and audits, implement access control systems, and encrypt student data [45,52].
Cybersecurity EducationCurriculum IntegrationIncorporating cybersecurity education into academic programmes and curricula.Rise in courses dedicated to cybersecurity and data privacy.Lack of adequately trained faculty and resources to teach specialized cybersecurity topics.Develop interdisciplinary cybersecurity curricula, provide faculty training, and partner with industry for hands-on experience [23,37,48].
Cybersecurity CertificationsProviding certifications and training programmes for students and staff.Growing importance of certifications (e.g., CompTIA Security+, CISSP) for both students and staff in higher education.Financial costs and time constraints for students pursuing certifications.Offer subsidized certification programmes, develop partnerships with certification bodies, and promote flexible study options [50].
Technology InfrastructureCloud SecurityProtection of data and services hosted on cloud platforms (e.g., AWS, Azure).Increasing shift to cloud-based infrastructure, making data more vulnerable to breaches.Difficulty in securing cloud configurations and third-party provider risks.Use cloud security best practices, enable strong access management, and choose reputable cloud service providers [4,11,30,31,68].
Network SecurityProtection of university networks from unauthorized access and attacks.Integration of advanced network security protocols (e.g., SDN, firewalls and VPNs).Overwhelming volume of traffic and limited ability to monitor and secure all endpoints.Invest in next-gen firewalls, intrusion detection systems (IDSs) and network segmentation [5,20,64].
Governance and PoliciesRisk ManagementIdentifying, assessing and mitigating cybersecurity risks to the institution.Growing need for formalized cybersecurity risk management strategies within higher education institutions.Limited resources for risk management and failure to assess evolving threats.Develop comprehensive risk management policies, allocate resources for regular risk assessments, and involve stakeholders [62,69].
Incident ResponseThe process of preparing for and responding to cybersecurity incidents.Emergence of dedicated cybersecurity incident response teams (CIRT) and plans in universities.Difficulty in coordinating responses and lack of trained personnel for high-impact incidents.Develop and test incident response plans, conduct tabletop exercises, and designate incident response teams [8].
Emerging TechnologiesAI and Machine LearningUtilizing AI/ML for detecting anomalies, automating threat detection and improving response times.Integration of AI/ML-driven solutions to monitor and respond to cybersecurity threats.High cost of implementation and complexity of training AI models.Invest in AI-driven security tools and ML algorithms, and partner with research institutions to develop tools [2,7,8,9,15,37,38,60,61,62,64,65].
BlockchainUsing blockchain technology to enhance security, especially for securing academic records and credentials.Growing interest in using blockchain to verify academic credentials and secure digital transactions.Lack of understanding and adoption of blockchain in traditional academic systems.Pilot blockchain initiatives for academic credential verification and ensure security through decentralized networks [39,40,45].

6.4. Enhancing Security Incident and Event Management (SIEM) Systems

The main function of SIEM is to send out an alert whenever an unusual incident occurs on the organisation’s network [71]. The network security administrator can respond and safeguard the internal environment by using a variety of approaches. They are integrated into the SIEM system to trigger an alert for any potentially dangerous activity. This is part of the risk management strategy to manage cybersecurity, by establishing security zone policies and configuration management procedures. In addition, regular software and system updates are maintained to prevent security breaches. Also, allocation of privileges at significantly higher levels is closely monitored, since data security will be compromised if access and privileges are not controlled. A wide range of institution members should collaborate and have a strong security awareness and culture in order for HEI cybersecurity risk management to be effective.
With SIEM, security insights can be obtained through the analysis of big data, including user activity logs and security event logs [72]. Hence, the self-assessment results obtained from the logs can be provided to HEI leaders and policymakers. This gives them a thorough understanding of various cybersecurity standpoints and their inter-relationships. Consequently, HEI managers can use the results to formulate attainable short- and long-term objectives, develop strategies to fill the gaps and take action on behalf of the stakeholders involved. It is noteworthy that the risk of information and system compromise will continually be on the increase, if any of the aforementioned strategies are not implemented. Therefore, to achieve the full benefit, it is important to support all these processes with a strong governance structure.
To strengthen contextual relevance based on the findings discussed in this section, a comparison between cybersecurity practices in HEIs and other sectors such as finance and healthcare is presented in Figure 3. This comparison highlights sector-specific strengths, gaps and transferable lessons that can inform more mature cybersecurity practices within HEIs.
Each row represents a key security dimension rated on a 1–5 scale, where higher values indicate greater maturity or higher severity. The visualization highlights that finance consistently demonstrates the highest cybersecurity maturity, driven by strict regulatory environments, significant security investment and advanced monitoring and IAM capabilities. Healthcare shows moderate maturity, with strong controls for data sensitivity and patch management but weaker monitoring maturity. In contrast, HEIs exhibit the lowest maturity across most categories, particularly in regulatory pressure, investment, IAM practices and monitoring maturity. HEIs score relatively higher only in user-risk exposure, reflecting open campuses and distributed user populations.
Overall, the heatmap clearly illustrates the maturity gap between HEIs and more regulated sectors, emphasizing where HEIs’ cybersecurity needs targeted improvements. Furthermore, the heatmap underscores RQ1–RQ4 and key findings of this study, thereby reinforcing the challenges and solutions discussed in this paper.

7. Suggestions and Recommendations for Cybersecurity Practices in HEIs

The rapidly evolving digital transformation has revolutionized HEIs in terms of how information is accessed and shared. The necessity for robust cybersecurity measures has grown as HEIs increasingly depend on digital technologies to promote their administrative, research and academic operations. Due to the large amount of sensitive data managed by HEIs, such as research data, staff and student personal information and intellectual property, they are frequently targets of cyberattacks. Furthermore, HEIs face unique cybersecurity issues owing to their decentralized and complex structures, comprising multiple users, access points and departments. It is highly important that HEIs adopt proactive, multi-layered cybersecurity measures, considering the increasing incidences and sophistication of cyberattacks. By implementing robust cybersecurity policies, HEIs can reduce threats such as ransomware attacks, data breaches and illegal access to critical IT infrastructure.
Previous sections have covered key research questions, major findings and effectiveness of cybersecurity approaches in HEIs. The recommendations listed below cover critical areas discussed earlier in this paper, some of which include policy development, technological intervention, training, incident response strategies, funding and partnership with qualified cybersecurity professionals. By implementing these policies, HEIs can safeguard their assets, strengthen their cybersecurity status and build a safer online environment for all stakeholders:
  • Proper assessment and classification of overall security units and information assets by HEIs for the purpose of conducting detailed analysis of potential cyberthreats. This involves risk assessment and management to identify compliance requirements and potential security breaches associated with cybersecurity interventions.
  • Establishment of a formidable information security team to effectively coordinate an information security management programme by employing third-party security audits to implement remediation decisions and continuous improvement measures in the event of security gaps and weaknesses.
  • Providing adequate training and awareness to members of HEI communities on the need to always protect their information through regular session timeouts. Considering the substantial amounts of information at the disposal of faculty members, including funding accounts and student grades, these timeouts on every workstation are necessary to prevent vulnerabilities.
  • By using secure protocols, HEIs can safeguard the corporate network and end users can protect their home network. Data will be encrypted and secured during transmission.
In addition, the recommendations discussed in this section can be synthesized into a structured roadmap to guide institutions toward progressive cybersecurity maturity. The roadmap outlines prioritized actions across three implementation horizons.
  • Short-Term Actions (0–12 months):
    • Establish or reinforce cybersecurity governance structures, including clear roles for IT, academic and administrative units.
    • Conduct institution-wide security awareness training tailored to staff, students and researchers.
    • Implement baseline security controls (MFA, patch management, access control, secure configurations).
    • Develop and disseminate incident response procedures and communication protocols.
  • Medium-Term Actions (1–3 years):
    • Deploy advanced security monitoring solutions (e.g., SIEM, behavioural analytics).
    • Formalize risk management processes aligned with ISO 27001 or NIST CSF.
    • Integrate cybersecurity into academic curricula and research project guidelines.
    • Strengthen data management frameworks, including data classification and retention policies.
  • Long-Term Actions (3+ years):
    • Build dedicated cybersecurity research and Security Operations Centers (SOCs) within the institution.
    • Foster inter-institutional collaboration networks for threat intelligence sharing.
    • Adopt AI-driven cybersecurity tools and autonomous response capabilities.
    • Institutionalize continuous improvement cycles through audit and drill exercises.

8. Conclusions

Maintaining safe cyberspace while engaging in remote activities has been a constant concern, due to the challenges experienced by the academic environment. One such challenge has been created by the outbreak of the pandemic. Information security will inevitably face new challenges as local stored data are migrated to the cloud. However, moving essential network operations to the cloud offers great benefits for users’ convenience and prompt access to the required information. Research in this field is vast, and ensuring cybersecurity in HEIs is a complex procedure because of distributed structures and several challenges. One crucial aspect in ensuring cybersecurity is addressing these challenges, specifically with regard to the unique nature of remote activities, while recognizing security threats and assets in HEIs. This systematic review presented the increasing complexity of cybersecurity in HEIs, focusing on different challenges confronting them as a result of their dynamic, open and diverse nature. HIEs are exposed to a greater number of cyberthreats as they continue to implement cutting-edge technologies to support administrative, research and learning activities. The review addressed common problems such as budgetary constraints, inadequate cybersecurity training, inconsistent security regulations, resource limitations and the growing sophistication of cyberattacks impacting HEI operations. In the review, various solutions and best practices that can improve cybersecurity in HEIs were also discussed. These include establishing proactive incident response plans, implementing robust security frameworks and encouraging a culture of cybersecurity awareness at all levels of the institution. Moreover, mitigating risk also requires regular training of staff and students, in addition to investing in modern technological interventions including MFA and IDPS. The review therefore proposed and recommended the adoption of a holistic and proactive strategy that incorporates organisational and technical measures by HEIs. The recommendations will undoubtedly address the rapidly evolving cybersecurity environment. Consequently, HEIs can better protect their critical resources, uphold the integrity of their academic objectives and guarantee the security and privacy of their users in an increasingly digital environment.

Supplementary Materials

The following supporting information can be downloaded at: https://www.mdpi.com/article/10.3390/fi17120575/s1, PRISMA 2020 Checklist.

Author Contributions

O.A.: Conceptualization, literature review, analysis of existing works and writing of the original draft. M.S.T.: Supervision and review on writing and editing. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

No data were created during the conduct of this research.

Conflicts of Interest

The authors declare no conflicts of interest.

Abbreviations

The following abbreviations are used in this manuscript:
AIArtificial Intelligence
CCCloud Computing
CSFCybersecurity Framework
CSPCloud Service Provider
DDoSDistributed Denial-of-Service
FERPAFamily Educational Rights and Protection Act
GDPRGeneral Data Protection Regulation
HEIsHigher Education Institutions
HIDSHost Intrusion Detection System
IAMIdentity and Access Management
IDPSIntrusion Detection and Prevention System
IDSIntrusion Detection System
IoTInternet of Things
LMSsLearning Management Systems
MFAMulti-Factor Authentication
MLMachine Learning
NCSCNational Cyber Security Center
NISTNational Institute of Standards and Technology
PIIPersonally Identifiable Information
PRISMAPreferred Reporting Items for Systematic Reviews and Meta-Analysis
SIEMSecurity Incident and Event Management
SLRSystematic Literature Review
VCAVideo Conferencing Applications
ZTAZero Trust Architecture

Appendix A

Table A1. Quality assessment of the selected papers presented in this study.
Table A1. Quality assessment of the selected papers presented in this study.
No.ReferenceScore (%)QualityComment
1[28]65ModeratePeer-reviewed but short format.
2[33]84HighPeer-reviewed empirical study in strong journal.
3[34]85HighStrong empirical study; open access peer review.
4[4]70ModerateQualitative study in indexed journal (regional).
5[52]62ModeratePolicy/law focus; valuable context.
6[30]60ModerateConference proceedings.
7[31]60ModerateConference/industry focus.
8[38]70Moderate-HighBook chapter with empirical focus.
9[13]80HighIEEE magazine/journal; conceptual but reputable.
10[70]62ModerateConference proceedings with general coverage.
11[29]78Moderate-HighScoping review in reputable journal.
12[35]72Moderate-HighNiche journal; empirical study.
13[50]78Moderate-HighStrong topic fit; peer-reviewed.
14[60]62ModerateConference paper; conceptual.
15[53]78Moderate-HighLegal analysis in peer venue.
16[1]78Moderate-HighPeer-reviewed journal; empirical synthesis.
17[40]80HighApplied scheme in peer-reviewed reputable journal.
18[68]78Moderate-HighPeer-reviewed journal survey.
19[20]64ModerateRegional conference proceedings.
20[27]62ModerateRegional outlet; peer-reviewed.
21[37]82HighComprehensive review in reputable journal.
22[44]82HighReputable journal; multivocal review type.
23[21]77Moderate-HighJournal article addressing policy; peer-reviewed.
24[39]78Moderate-HighReputable journal; applied scheme.
25[14]66ModerateConference paper on HEI cybersecurity.
26[24]82HighSystematic review; good evidence synthesis.
27[17]92HighAuthoritative guideline; high reliability.
28[61]66ModerateConference survey on AI for detection.
29[41]76Moderate-HighJournal article on institutional strategies.
30[32]66ModerateTechnical DDoS detection paper.
31[19]55Moderate-LowReviewed journal; narrative survey.
32[36]58Moderate-LowNon-reviewed journal; systematic review.
33[16]56Moderate-LowRegional journal; variable rigour.
34[18]90HighMethod guidance in BMJ series.
35[11]68ModeratePeer-reviewed, education-oriented.
36[58]68ModeratePeer-reviewed journal; comparative framework article.
37[3]76Moderate-HighPeer-reviewed; empirical model.
38[22]70ModeratePeer-reviewed regional journal; case study.
39[64]66ModerateTechnical conference paper.
40[43]78Moderate-HighPeer-reviewed survey.
41[25]72Moderate-HighCritical review in indexed journal.
42[72]64ModeratePeer-reviewed regional journal.
43[46]60ModeratePeer-reviewed engineering journal; deductive research.
44[5]68ModeratePeer-reviewed journal; technical evaluation paper.
45[48]62ModeratePeer-reviewed journal with variable rigour.
46[7]66ModerateIEEE conference; technical content but shorter format.
47[45]80HighReputable IEEE journal; rigorous content.
48[47]64ModerateJournal of variable indexing.
49[6]80HighIEEE Open Journal; rigorous content.
50[23]60ModerateNarrative review in domain journal; broad scope.
51[16]67ModerateEducation conference; evaluation study.
52[71]65ModerateConference paper on SIEM analysis.
53[9]66ModerateConference; technical focus on threat intelligence.
54[51]60ModerateConference proceeding; moderate scope.
55[15]67ModerateConference proceedings; technical ML application.
56[26]80HighSystematic review on MFA frameworks.
57[10]82HighRecent journal article in Computers; strong relevance.
58[62]80HighPeer-reviewed journal; strong content.
59[67]78Moderate-HighRecent peer-reviewed, indexed journal.

References

  1. Abad-Segura, E.; González-Zamar, M.-D.; Infante-Moro, J.C.; Ruipérez García, G. Sustainable Management of Digital Transformation in Higher Education: Global Research Trends. Sustainability 2020, 12, 2107. [Google Scholar] [CrossRef]
  2. Yusuf, A.; Pervin, N.; Román-González, M. Generative AI and the Future of Higher Education: A Threat to Academic Integrity or Reformation? Evidence from Multicultural Perspectives. Int. J. Educ. Technol. High. Educ. 2024, 21, 21. [Google Scholar] [CrossRef]
  3. Alyoussef, I.Y. Acceptance of E-Learning in Higher Education: The Role of Task-Technology Fit with the Information Systems Success Model. Heliyon 2023, 9, e13751. [Google Scholar] [CrossRef]
  4. Odeh, M.; Garcia-Perez, A.; Warwick, K. Cloud Computing Adoption at Higher Education Institutions in Developing Countries: A Qualitative Investigation of Main Enablers and Barriers. Int. J. Inf. Educ. Technol. 2017, 7, 921–927. [Google Scholar] [CrossRef]
  5. Prabowo, W.A.; Fauziah, K.; Nahrowi, A.S.; Faiz, M.N.; Muhammad, A.W. Strengthening Network Security: Evaluation of Intrusion Detection and Prevention Systems Tools in Networking Systems. Int. J. Adv. Comput. Sci. Appl. 2023, 14, 1–10. [Google Scholar] [CrossRef]
  6. Joshi, H. Emerging Technologies Driving Zero Trust Maturity Across Industries. IEEE Open J. Comput. Soc. 2025, 6, 25–36. [Google Scholar] [CrossRef]
  7. Chokkanathan, K.; Karpagavalli, S.M.; Priyanka, G.; Vanitha, K.; Anitha, K.; Shenbagavalli, P. AI-Driven Zero Trust Architecture: Enhancing Cyber-Security Resilience. In Proceedings of the 2024 8th International Conference on Computational System and Information Technology for Sustainable Solutions (CSITSS), Bengaluru, India, 7–9 November 2024; pp. 1–6. [Google Scholar] [CrossRef]
  8. Wahed, M.A.; Alzboon, M.S.; Alqaraleh, M.; Halasa, A.; Al-Batah, M.; Bader, A.F. Comprehensive Assessment of Cybersecurity Measures: Evaluating Incident Response, AI Integration, and Emerging Threats. In Proceedings of the 2024 7th International Conference on Internet Applications, Protocols, and Services (NETAPPS), Kuala Lumpur, Malaysia, 6–7 November 2024; pp. 1–8. [Google Scholar] [CrossRef]
  9. Singh, A.; Kanishka; Dubey, S.K. Analytical Approach Towards Cybersecurity Through AI-Enabled Threat Intelligence. In Proceedings of the 2024 11th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), Noida, India, 14–15 March 2024; pp. 1–6. [Google Scholar] [CrossRef]
  10. Lallie, H.S.; Thompson, A.; Titis, E.; Stephens, P. Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector. Computers 2025, 14, 49. [Google Scholar] [CrossRef]
  11. Wolfschwenger, P.; Sabitzer, B.; Lavicza, Z. Cloud Adoption and Digital Transformation in the Context of Education: A Phenomenological Study. In Proceedings of the 2022 IEEE Frontiers in Education Conference (FIE), Uppsala, Sweden, 8–11 October 2022; pp. 1–9. [Google Scholar] [CrossRef]
  12. Amankulovich, K.S.; Tokhirovich, M.J.; Bakhridinovich, K.T.; Kuvandikovich, T.U.; Ananth, C.; Kumar, T.A. Leveraging Artificial Intelligence in Online Educational Platforms to Enhance Continuous Professional Development in the Teaching Profession. In Proceedings of the 2024 Second International Conference Computational and Characterization Techniques in Engineering & Sciences (IC3TES), Lucknow, India, 15–16 November 2024; pp. 1–5. [Google Scholar] [CrossRef]
  13. Pflaum, A.A.; Gölzer, P. The IoT and Digital Transformation: Toward the Data-Driven Enterprise. IEEE Pervasive Comput. 2018, 17, 87–91. [Google Scholar] [CrossRef]
  14. Kryshtanovych, M.; Kozlovskiy, Y.; Chubinska, N.; Huzii, I.; Lukashevska, U. Ensuring Cybersecurity for Higher Educational Institutions. In Proceedings of the 2021 IEEE 8th International Conference on Problems of Infocommunications, Science and Technology (PIC S&T), Kharkiv, Ukraine, 5–7 October 2021; pp. 183–186. [Google Scholar] [CrossRef]
  15. Strang, K.D.; Rao Vajjhala, N. Exploring Cybersecurity Risks in Higher Education Environments with Machine Learning. In Proceedings of the 2024 4th International Conference on Pervasive Computing and Social Networking (ICPCSN), Salem, India, 3–4 May 2024; pp. 1–6. [Google Scholar] [CrossRef]
  16. Salem, M.; Samara, K.; Pray, J.; Hussein, M. Evaluating the Effectiveness of Online Cybersecurity Program in Higher Education. In Proceedings of the 2024 IEEE Global Engineering Education Conference (EDUCON), Kos Island, Greece, 8–11 May 2024; pp. 1–9. [Google Scholar] [CrossRef]
  17. Page, M.J.; McKenzie, J.E.; Bossuyt, P.M.; Boutron, I.; Hoffmann, T.C.; Mulrow, C.D.; Shamseer, L.; Tetzlaff, J.M.; Akl, E.A.; Brennan, S.E.; et al. The PRISMA 2020 Statement: An Updated Guideline for Reporting Systematic Reviews. BMJ 2021, 372, n71. [Google Scholar] [CrossRef]
  18. Sarri, G.; Patorno, E.; Yuan, H.; Guo, J.; Bennett, D.; Wen, X.; Zullo, A.R.; Largent, J.; Panaccio, M.; Gokhale, M.; et al. Framework for the Synthesis of Non-Randomised Studies and Randomised Controlled Trials: A Guidance on Conducting a Systematic Review and Meta-Analysis for Healthcare Decision Making. BMJ EBM 2022, 27, 109–119. [Google Scholar] [CrossRef]
  19. Jawaid, S.A. Cyber Security Threats to Educational Institutes: A Growing Concern for the New Era of Cybersecurity. Int. J. Data Sci. Big Data Anal. 2022, 2, 11–17. [Google Scholar] [CrossRef]
  20. Arina, A. Network Security Threats to Higher Education Institutions. Cent. East. Eur. EDem EGov (OCG) 2022, 341, 323–333. [Google Scholar] [CrossRef]
  21. Fouad, N.S. Securing Higher Education against Cyberthreats: From an Institutional Risk to a National Policy Challenge. J. Cyber Policy 2021, 6, 137–154. [Google Scholar] [CrossRef]
  22. Eltahir, M.E.; Ahmed, O.S. Cybersecurity Awareness in African Higher Education Institutions: A Case Study of Sudan. Inf. Sci. Lett. 2023, 12, 171–183. [Google Scholar] [CrossRef]
  23. Mouwers-Singh, C.; Musikavanhu, T.B. A Narrative Review on Enhancing Cybersecurity in Higher Education Institutions: The Role of Continuous Training and Awareness. Expert J. Bus. Manag. 2024, 12, 67–73. [Google Scholar]
  24. Merchan-Lima, J.; Astudillo-Salinas, F.; Tello-Oquendo, L.; Sanchez, F.; Lopez-Fonseca, G.; Quiroz, D. Information security management frameworks and strategies in higher education institutions: A systematic review. Ann. Telecommun. 2021, 76, 255–270. [Google Scholar] [CrossRef]
  25. Nuñez, M.; Palmer, X.-L.; Potter, L.; Aliac, C.J.; Velasco, L.C. ICT Security Tools and Techniques among Higher Education Institutions: A Critical Review. Int. J. Emerg. Technol. Learn. 2023, 18, 4–22. [Google Scholar] [CrossRef]
  26. Syahreen, M.; Hafizah, N.; Maarop, N.; Maslinan, M. A Systematic Review on Multi-Factor Authentication Framework. Int. J. Adv. Comput. Sci. Appl. 2024, 15, 1043–1050. [Google Scholar] [CrossRef]
  27. Arina, A.; Anatolie, A. Cyber Security Threat Analysis in Higher Education Institutions as a Result of Distance Learning. Int. J. Sci. Technol. Res. 2021, 10, 128–133. Available online: https://api.semanticscholar.org/CorpusID:233293525 (accessed on 26 March 2025).
  28. Dobre, I. Learning Management Systems for Higher Education—An Overview of Available Options for Higher Education Organizations. Procedia-Soc. Behav. Sci. 2015, 180, 313–320. [Google Scholar] [CrossRef]
  29. Al-Samarraie, H. A Scoping Review of Videoconferencing Systems in Higher Education: Learning Paradigms, Opportunities, and Challenges. Int. Rev. Res. Open Distrib. Learn. 2019, 20, 121–140. [Google Scholar] [CrossRef]
  30. Yi, H.; Nie, Z.; Li, W. Implementation of Learning Management System Based on Cloud Computing. In Proceedings of the 2017 4th IEEE International Conference on Information Science and Control Engineering (ICISCE), Changsha, China, 21–23 July 2017; pp. 380–384. [Google Scholar] [CrossRef]
  31. Zahran, R.M.; Walker-Gleaves, C.; Walker-Gleaves, A. Exposition of Integrating Cloud Computing in Information and Communication Technology Courses in Higher Education. In Proceedings of the 2017 9th IEEE-GCC Conference and Exhibition (GCCCE), Manama, Bahrain, 8–11 May 2017; pp. 1–9. [Google Scholar] [CrossRef]
  32. Hassan, K.F.; Manaa, M.E. Detecting Distributed Denial of Service Attacks in Internet of Things Networks Using Machine Learning in Fog Computing. In Proceedings of the 2022 5th IEEE International Conference on Engineering Technology and its Applications (IICETA), Al-Najaf, Iraq, 31 May–1 June 2022; pp. 323–328. [Google Scholar] [CrossRef]
  33. Sun, J.C.-Y.; Yu, S.-J.; Lin, S.S.J.; Tseng, S.-S. The Mediating Effect of Anti-Phishing Self-Efficacy between College Students’ Internet Self-Efficacy and Anti-Phishing Behavior and Gender Difference. Comput. Hum. Behav. 2016, 59, 249–257. [Google Scholar] [CrossRef]
  34. Gavett, B.E.; Zhao, R.; John, S.E.; Bussell, C.A.; Roberts, J.R.; Yue, C. Phishing Suspiciousness in Older and Younger Adults: The Role of Executive Functioning. PLoS ONE 2017, 12, e0171620. [Google Scholar] [CrossRef]
  35. Broadhurst, R.; Skinner, K.; Sifniotis, N.; Matamoros-Macias, B.; Ipsen, Y. Phishing and Cybercrime Risks in a University Student Community. Int. J. Cybersecur. Intell. Cybercrime 2019, 2, 4–23. [Google Scholar] [CrossRef]
  36. Nassoura, A.B. Cybersecurity Technologies and Practices in Higher Education Institutions: A Systematic Review. Webology 2022, 19, 1152–1167. [Google Scholar]
  37. Bécue, A.; Praça, I.; Gama, J. Artificial Intelligence, Cyber-Threats and Industry 4.0: Challenges and Opportunities. Artif. Intell. Rev. 2021, 54, 3849–3886. [Google Scholar] [CrossRef]
  38. Alhawi, O.M.K.; Baldwin, J.; Dehghantanha, A. Leveraging Machine Learning Techniques for Windows Ransomware Network Traffic Detection. In Cyber Threat Intelligence; Dehghantanha, A., Conti, M., Dargahi, T., Eds.; Advances in Information Security; Springer International Publishing: Cham, Switzerland, 2018; Volume 70, pp. 93–106. [Google Scholar] [CrossRef]
  39. Guha Roy, D.; Srirama, S.N. A Blockchain-based Cyber Attack Detection Scheme for Decentralized Internet of Things Using Software-Defined Network. Softw. Pract. Exp. 2021, 51, 1540–1556. [Google Scholar] [CrossRef]
  40. Al-Abassi, A.; Karimipour, H.; Dehghantanha, A.; Parizi, R.M. An Ensemble Deep Learning-Based Cyber-Attack Detection in Industrial Control System. IEEE Access 2020, 8, 83965–83973. [Google Scholar] [CrossRef]
  41. Cheng, E.C.K.; Wang, T. Institutional Strategies for Cybersecurity in Higher Education Institutions. Information 2022, 13, 192. [Google Scholar] [CrossRef]
  42. Lund, B.D.; Lee, T.-H.; Wang, Z.; Wang, T.; Mannuru, N.R. Zero Trust Cybersecurity: Procedures and Considerations in Context. Encyclopedia 2024, 4, 1520–1533. [Google Scholar] [CrossRef]
  43. Kang, H.; Liu, G.; Wang, Q.; Meng, L.; Liu, J. Theory and Application of Zero Trust Security: A Brief Survey. Entropy 2023, 25, 1595. [Google Scholar] [CrossRef]
  44. Buck, C.; Olenberger, C.; Schweizer, A.; Völter, F.; Eymann, T. Never Trust, Always Verify: A Multivocal Literature Review on Current Knowledge and Research Gaps of Zero-Trust. Comput. Secur. 2021, 110, 102436. [Google Scholar] [CrossRef]
  45. Rivera, J.J.D.; Muhammad, A.; Song, W.-C. Securing Digital Identity in the Zero Trust Architecture: A Blockchain Approach to Privacy-Focused Multi-Factor Authentication. IEEE Open J. Commun. Soc. 2024, 5, 2792–2814. [Google Scholar] [CrossRef]
  46. Singh, C.; Thakkar, R.; Warraich, J. IAM Identity Access Management—Importance in Maintaining Security Systems Within Organizations. Eur. J. Eng. Technol. Res. 2023, 8, 30–38. [Google Scholar] [CrossRef]
  47. Hassan, O.F.; Fatai, F.O.; Aderibigbe, O.; Akinde, A.O.; Onasanya, T.; Sanusi, M.A.; Odukoya, O. Enhancing Cybersecurity through Cloud Computing Solutions in the United States. Intell. Inf. Manag. 2024, 16, 176–193. [Google Scholar] [CrossRef]
  48. Abrahams, T.O.; Ewuga, S.K.; Dawodu, S.O.; Adegbite, A.O.; Hassan, A.O. A Review of Cybersecurity Strategies in Modern Organizations: Examining the Evolution and Effectiveness of Cybersecurity Measures for Data Protection. Comput. Sci. It Res. J. 2024, 5, 1–25. [Google Scholar] [CrossRef]
  49. Ibrahim, F. Importance of Cybersecurity in Educational Institutions. Bachelor’s Thesis, University of Pecs, Pécs, Hungary, 2024. [Google Scholar] [CrossRef]
  50. Catota, F.E.; Morgan, M.G.; Sicker, D.C. Cybersecurity education in a developing nation: The Ecuadorian environment. J. Cybersecur. 2019, 5, tyz001. [Google Scholar] [CrossRef]
  51. Siphambili, N. Exploring Cybersecurity Implications in Higher Education. In Proceedings of the 23rd European Conference on Cyber Warfare and Security (ECCWS), Jyväskylä, Finland, 27–29 June 2024; Volume 23, pp. 526–531. [Google Scholar] [CrossRef]
  52. Parks, C. Beyond compliance: Students and FERPA in the age of big data. J. Intellect. Freedom Priv. 2017, 2, 23–33. [Google Scholar] [CrossRef]
  53. Hoofnagle, C.J.; Van Der Sloot, B.; Borgesius, F.Z. The European Union General Data Protection Regulation: What It Is and What It Means. Inf. Commun. Technol. Law 2019, 28, 65–98. [Google Scholar] [CrossRef]
  54. Boonkrong, S. Multi-Factor Authentication. In Authentication and Access Control; Apress: Berkeley, CA, USA, 2021; pp. 133–162. [Google Scholar] [CrossRef]
  55. Salem, I.E.; Mijwil, M.; Abdulqader, A.W.; Ismaeel, M.M.; Alkhazraji, A.; Alaabdin, A.M.Z. Introduction to The Data Mining Techniques in Cybersecurity. Mesopotamian J. Cybersecur. 2022, 2022, 28–37. [Google Scholar] [CrossRef]
  56. National Cyber Security Centre (NCSC). 10 Steps to Cyber Security. 2021. Available online: https://www.ncsc.gov.uk/collection/10-steps (accessed on 26 February 2025).
  57. Calder, A. NIST Cybersecurity Framework: A Pocket Guide; IT Governance Publishing Ltd.: Ely, UK, 2018; p. 78. [Google Scholar] [CrossRef]
  58. Alshar’e, M. Cyber security framework selection: Comparison of NIST and ISO27001. Appl. Comput. J. 2023, 3, 245–255. [Google Scholar] [CrossRef]
  59. ISO/IEC 27000:2022; Information Security Management Systems. ISO/IEC: Geneva, Switzerland, 2022. Available online: https://www.iso.org/isoiec-27001-information-security.html (accessed on 26 March 2025).
  60. Geluvaraj, B.; Satwik, P.M.; Ashok Kumar, T.A. The Future of Cybersecurity: Major Role of Artificial Intelligence, Machine Learning, and Deep Learning in Cyberspace. In International Conference on Computer Networks and Communication Technologies; Springer: Singapore, 2018; Volume 15, pp. 739–747. [Google Scholar] [CrossRef]
  61. Salih, A.; Zeebaree, S.T.; Ameen, S.; Alkhyyat, A.; Shukur, H.M. A Survey on the Role of Artificial Intelligence, Machine Learning and Deep Learning for Cybersecurity Attack Detection. In Proceedings of the 2021 7th IEEE International Engineering Conference “Research & Innovation amid Global Pandemic” (IEC), Erbil, Iraq, 24–25 February 2021; pp. 61–66. [Google Scholar] [CrossRef]
  62. Ali, S.M.; Razzaque, A.; Yousaf, M.; Ali, S.S. A Novel AI-Based Integrated Cybersecurity Risk Assessment Framework and Resilience of National Critical Infrastructure. IEEE Access 2025, 13, 12427–12446. [Google Scholar] [CrossRef]
  63. Afolalu, O.; Tsoeu, M.S. Artificial Intelligence as the Next Frontier in Cyber Defense: Opportunities and Risks. Electronics 2025, 14, 4853. [Google Scholar] [CrossRef]
  64. Islam, M.T.; Syfullah, M.K.; Islam, J.; Quadir, H.M.S.; Rashed, M.G.; Das, D. Exploring the Potential: ML vs. DL in Network Security with Explainable AI (XAI) Insights. In Proceedings of the 2023 26th IEEE International Conference on Computer and Information Technology (ICCIT), Cox’s Bazar, Bangladesh, 13–15 December 2023; pp. 1–6. [Google Scholar] [CrossRef]
  65. Elbes, M.; Hendawi, S.; AlZu’bi, S.; Kanan, T.; Mughaid, A. Unleashing the Full Potential of Artificial Intelligence and Machine Learning in Cybersecurity Vulnerability Management. In Proceedings of the 2023 IEEE International Conference on Information Technology (ICIT), Amman, Jordan, 9–10 August 2023; pp. 276–283. [Google Scholar] [CrossRef]
  66. Su, J. Why Cloud Computing Cyber Security Risks Are on the Rise: Report; Forbes: Jersey City, NJ, USA, 25 July 2019; Available online: https://www.forbes.com/sites/jeanbaptiste/2019/07/25/why-cloud-computing-cyber-security-risks-are-on-the-rise-report/13a36bfc5621 (accessed on 8 March 2025).
  67. Afolalu, O.; Tsoeu, M.S. Enterprise Networking Optimization: A Review of Challenges, Solutions, and Technological Interventions. Future Internet 2025, 17, 133. [Google Scholar] [CrossRef]
  68. Ahmad, W.; Rasool, A.; Javed, A.R.; Baker, T.; Jalil, Z. Cyber Security in IoT-Based Cloud Computing: A Comprehensive Survey. Electronics 2021, 11, 16. [Google Scholar] [CrossRef]
  69. Rothrock, R.A.; Kaplan, J.; Van Der Oord, F. The Board’s Role in Managing Cybersecurity Risks. MIT Sloan Manag. Rev. 2018, 59, 12–15. [Google Scholar]
  70. Spremić, M.; Šimunic, A. Cyber Security Challenges in Digital Economy. In Proceedings of the World Congress on Engineering, London, UK, 4–6 July 2018; Volume 1, pp. 341–346. Available online: https://api.semanticscholar.org/CorpusID:211547880 (accessed on 26 March 2025).
  71. Sashwin, K.; Nithika, K.S.; Priyadharshini, S.; Maduvant, S.P.; Saranya. Analysis, Trends, and Utilization of Security Information and Event Management (SIEM) in Critical Infrastructures. In Proceedings of the 2024 10th IEEE International Conference on Advanced Computing and Communication Systems (ICACCS), Coimbatore, India, 14–15 March 2024; Volume 1, pp. 1980–1984. [Google Scholar] [CrossRef]
  72. ProkoPowicz, D.; Golkebiowska, A.; Such-Pyrgiel, M. The Role of Big Data and Data Science in the Context of Information Security and Cybersecurity. J. Mod. Sci. 2023, 53, 9–42. [Google Scholar] [CrossRef]
Futureinternet 17 00575 g001
Figure 1. PRISMA flowchart of Systematic Literature Review (SLR) methodology for article selection and filtering.
Figure 1. PRISMA flowchart of Systematic Literature Review (SLR) methodology for article selection and filtering.
Futureinternet 17 00575 g001
Futureinternet 17 00575 g002
Figure 2. Principles of cybersecurity.
Figure 2. Principles of cybersecurity.
Futureinternet 17 00575 g002
Futureinternet 17 00575 g003
Figure 3. Cybersecurity maturity heatmap comparing HEIs, finance and healthcare across nine key security dimensions.
Figure 3. Cybersecurity maturity heatmap comparing HEIs, finance and healthcare across nine key security dimensions.
Futureinternet 17 00575 g003
Table 1. Inclusion and exclusion criteria.
Table 1. Inclusion and exclusion criteria.
FrameworkKeyIncludedExcluded
Population (P)Higher education institutions (HEIs)
-
Studies focusing on cybersecurity within HEIs such as universities, colleges and research institutions.
-
Stakeholders including students, faculty, staff, researchers and IT administrators.
-
Institutions managing sensitive data, intellectual property or research infrastructure.
-
Studies on cybersecurity in non-educational sectors (e.g., healthcare, corporate or governmental organisations).
-
Studies focusing solely on K-12 education or primary/secondary schools.
Intervention (I)Cybersecurity measures and frameworks
-
Studies discussing cybersecurity frameworks, strategies, tools and practices adopted by HEIs.
-
Topics such as identity and access management, IDPS, ZTA, secure network design and incident response.
-
Studies focusing on educational awareness and training programmes to improve cybersecurity resilience.
-
Interventions unrelated to cybersecurity, such as general IT improvements or unrelated administrative technologies.
-
Studies focusing exclusively on cybersecurity for non-higher education contexts.
Comparison (C)Modern versus traditional approaches or lack of adequate cybersecurity practices
-
Studies comparing cybersecurity interventions, policies or frameworks within HEIs.
-
Research examining the impact of emerging threats, such as ransomware, phishing or insider attacks and HEIs’ responses.
-
Analysis of the challenges HEIs face, such as budget constraints, lack of expertise or balancing openness and security.
-
Studies without a comparative element (e.g., those lacking evaluation or discussion of trends/challenges).
-
Research focused purely on theoretical frameworks without application or relevance to HEIs.
Outcomes (O)Cybersecurity effectiveness and challenges
-
Studies measuring outcomes such as improved security posture, reduced incident frequency, enhanced data protection and user awareness in HEIs.
-
Documentation of barriers such as resource constraints, technical challenges or cultural resistance to cybersecurity measures.
-
Identification of emerging trends like cloud adoption, remote learning impacts or artificial intelligence in cybersecurity.
-
Studies without clear outcomes or insights into cybersecurity practices in HEIs.
-
Outcomes unrelated to cybersecurity or limited to IT performance without security implications.
Study Design (S)Relevant research types
-
Empirical studies, including quantitative, qualitative and mixed-method research.
-
Systematic reviews, meta-analyses, case studies or policy analyses focused on cybersecurity in HEIs.
-
Reports or evaluations from credible academic or governmental sources.
-
Opinion pieces, editorials or studies lacking rigorous methodology.
-
Non-peer-reviewed content such as blog posts, white papers or non-academic sources.
Time Frame (T)Period of study
-
Studies published within the last 10 years to capture recent trends and challenges, reflecting the rapid evolution of cybersecurity technologies and threats.
-
Exceptions may be made for seminar works or studies offering foundational insights into HEI cybersecurity.
-
Studies published before the defined time frame unless highly relevant or influential in the field.
Table 2. Data extraction process presenting key findings in this study.
Table 2. Data extraction process presenting key findings in this study.
CategoryVariables Extracted
Study informationAuthor(s), year of publication, region.
Study designStudy type (empirical, conceptual, case study, experimental/framework proposal), research design, data sources.
Population/contextType of HEI, scale of deployment, user groups involved (students, faculty, IT staff, administrators).
Cybersecurity challenges addressedThreat (phishing, ransomware), data breaches, access control weaknesses, governance gaps or technical vulnerabilities.
Intervention/solutionTechnical controls, administrative policies, human-centric training programmes, policy-based frameworks, security tools, governance models, detection and prevention mechanisms.
Methodological approachQualitative, quantitative, evaluation metrics.
Outcomes and effectivenessReported impact, performance, adoption, limitations.
Key findingsMain contributions and insights, implications for HEIs, relevance to cybersecurity posture.
Notable gapsLimitations reported by the authors, unresolved problems or future research recommendations.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Afolalu, O.; Tsoeu, M.S. Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions. Future Internet 2025, 17, 575. https://doi.org/10.3390/fi17120575

AMA Style

Afolalu O, Tsoeu MS. Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions. Future Internet. 2025; 17(12):575. https://doi.org/10.3390/fi17120575

Chicago/Turabian Style

Afolalu, Oladele, and Mohohlo Samuel Tsoeu. 2025. "Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions" Future Internet 17, no. 12: 575. https://doi.org/10.3390/fi17120575

APA Style

Afolalu, O., & Tsoeu, M. S. (2025). Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions. Future Internet, 17(12), 575. https://doi.org/10.3390/fi17120575

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop