New technology-empowered cybersecurity controls in higher education institutions: a systematic review

Abstract The advent of fourth industrial revolution has brought with it a myriad of advanced technologies, which have simultaneously given rise to new, technologically sophisticated threats for Higher Education Institutions (HEIs). This meant that HEIs had to adopt new cybersecurity strategies incorporating technologies to counter new threats. However, it is not clear to what extent HEIs have adopted and integrated advanced technologies such as Artificial Intelligence/Machine learning (AI/ML) into their traditional cybersecurity strategies for mitigating evolving threats within the HEI context. The study sought to explore current adoption of emerging technologies to enhance cybersecurity posture in HEIs. The study also sought to determine reviewed studies report on the effectiveness of the new emerging technologies in mitigating evolving threats in HEIs. A Systematic Literature Review (SLR) was used to qualitatively examine literature on emerging technologies in HEIs. Guided by the PRISMA framework, the selection process focused on relevant literature from selected databases. A total of 287 studies were retrieved and assessed for eligibility, with 23 studies ultimately included to explore the emerging technologies employed by HEIs to mitigate technological threats. From a thematic analysis of data, findings showed that 4 main new technologies have been adopted and integrated by HEIs, which include AI/ML, cloud services, blockchain and biometric systems. However, the diffusion and adoption of these technologies face challenges related to system integration and resistance or unwillingness to undergo training for new systems. Factors such as lack of integration of systems, resistance to change and the disjointed regulatory environment led to slow adoption and lead to a proliferation of much more aggressive and evolved threats in HEIs. There was also need for training and cybersecurity awareness campaigns to build cybersecurity culture around emerging technologies. Thus, establishing a centralised framework for governance incorporating new technologies to existing cybersecurity controls will address existing challenges of technology adoption in HEIs.