Article: Rule of law education for cybersecurity governance in higher education institutions: a framework for policy and practice Journal: International Journal of Electronic Security and Digital Forensics (IJESDF) 2026 Vol.18 No.9 pp.1 - 22 Abstract: This study proposes a governance framework that integrates rule of law education into cybersecurity management within higher education institutions (HEIs). By emphasising legal compliance, risk management, and awareness, the framework addresses human and organisational vulnerabilities, thereby enhancing institutional resilience against evolving cyber threats. The growing prevalence of data breaches, ransomware, and human-related risks underscores the critical importance of cybersecurity in HEIs. While prior research has largely concentrated on technical safeguards, limited attention has been given to integrating legal, organisational, and governance dimensions. Adopting a qualitative design, this study employed semi-structured interviews with IT managers, security officers, and policymakers across multiple institutions. Data triangulation and iterative validation informed the framework's development. Findings showed high adoption in quality standards (85%), data privacy (80%), and reporting (75%), with lower levels in risk management (60%) and compliance monitoring (65%). Expert consensus, confirmed through Delphi sessions, yielded Kendall's W scores above 0.78. Inderscience Publishers - linking academia, business and industry through research

Title: Rule of law education for cybersecurity governance in higher education institutions: a framework for policy and practice

Authors: Jinyan Xue

Addresses: Shandong Huayu University of Technology, Marxist Academy, DeZhou, Shandong 253034, China

Abstract: This study proposes a governance framework that integrates rule of law education into cybersecurity management within higher education institutions (HEIs). By emphasising legal compliance, risk management, and awareness, the framework addresses human and organisational vulnerabilities, thereby enhancing institutional resilience against evolving cyber threats. The growing prevalence of data breaches, ransomware, and human-related risks underscores the critical importance of cybersecurity in HEIs. While prior research has largely concentrated on technical safeguards, limited attention has been given to integrating legal, organisational, and governance dimensions. Adopting a qualitative design, this study employed semi-structured interviews with IT managers, security officers, and policymakers across multiple institutions. Data triangulation and iterative validation informed the framework's development. Findings showed high adoption in quality standards (85%), data privacy (80%), and reporting (75%), with lower levels in risk management (60%) and compliance monitoring (65%). Expert consensus, confirmed through Delphi sessions, yielded Kendall's W scores above 0.78.

Keywords: cybersecurity governance; rule of law education; higher education institutions; HEIs; risk management; compliance; data privacy; quality assurance; QA; institutional strategies; cybersecurity awareness; policy framework.

DOI: 10.1504/IJESDF.2026.153723

International Journal of Electronic Security and Digital Forensics, 2026 Vol.18 No.9, pp.1 - 22

Received: 04 Sep 2025
Accepted: 14 Feb 2026
Published online: 21 May 2026 *

Title: Rule of law education for cybersecurity governance in higher education institutions: a framework for policy and practice

Keep up-to-date