Higher education institutions (HEIs) are increasingly vulnerable to cybersecurity attacks. As HEIs shift their operations online, they inevitably employ open systems and decentralized processing, making them particularly susceptible to cyberattacks.  The study aims to identify the cybersecurity frameworks that HEIs currently employ as well as the characteristics that these frameworks must have. Initially, a comprehensive literature review was conducted to determine current cybersecurity practices and frameworks used by HEIs. This is followed by expert interviews with IT and cybersecurity professionals to gather insights into the attributes of effective cybersecurity frameworks. Qualitative data is analyzed through thematic coding to identify common characteristics and challenges. Finally, a proposed cybersecurity framework is developed by integrating these identified attributes with established cybersecurity concepts and best practices. The framework, developed from the identified attributes and established concepts, offers a comprehensive approach tailored to the specific needs of HEIs. By incorporating insights from industry professionals and aligning with best practices, the framework provides a robust tool for enhancing the cybersecurity posture of HEIs. This research contributes to the ongoing development of effective cybersecurity strategies in the higher education sector. It underscores the importance of a tailored approach to addressing the evolving cyber threat landscape.