Securing Higher Education Institutions in the Fourth Industrial Revolution: Developing a Cybersecurity Risk Management Framework in Malaysia

Abstract:

In the fourth industrial revolution context, higher education institutions present a complex, compelling, and exciting opportunity to transform society positively. However, the application of cyber-attacks to many aspects of universities' operating systems has become a cause for concern. This is due to new approaches, modified frameworks, and more sophisticated information technology (IT) infrastructure, which may lead to unknown risks. The first objective of this study is to identify the latest frameworks of cybersecurity risk management suites for higher education institutions in line with Industry 4.0. The second objective is to propose a comparative study plan that will enable the formulation of a suitable cybersecurity risk management framework for higher education in Malaysia. To achieve these objectives, a qualitative methodology using an in-depth interview method and a focus group discussion was adopted. The findings of this research highlight a suitable cybersecurity risk management framework for higher education in Malaysia. Consequently, a new and appropriate cybersecurity risk management framework for higher education in Malaysia based on Industry 4.0 has been formulated. This research serves as a reference for stakeholders and policymakers directly involved in developing a cybersecurity risk management framework primarily for higher education in the country. It also enhances the understanding and knowledge of the cybersecurity risk management framework. The future direction of this study is to propose a cybersecurity risk management framework based on the reviews of the present frameworks used in Malaysian universities.