Higher education institutions (HEIs) are open in their nature, decentralized, rich in population and private data, home to some ground-breaking research and innovations. As such, HEIs attract quite a substantial threat and cyberattacks due to their heavy reliance on the Internet. However, there is poor cybersecurity culture and low awareness that are motivated by generational differences that are characterised by "digital natives" and "digital residents" and gaps in technology savviness impacting cybersecurity compliance in a specific higher education environment. Whilst technologies to prevent and response to cyberattacks have been inevitable, their effectiveness lie extensively rather on heterogeneous human factors in enforcing their principles in the context of compliance. Thus, the objective of this study was to develop a theoretical framework for effective cybersecurity compliance strategy in HEIs. To do this, we would focus on critical factors such as cybersecurity and organizational cultures into compliance theory and protected motivated theory (PMT) respectively to help in understanding how cybersecurity compliance can be achieved in HEIs.