Cybersecurity, as a security management requirement, is essential to understanding data security in higher institutions. This study aims to explore the role of cybersecurity in the performance of Malaysian higher education institutions through semi-structured qualitative interviews with 10 cybersecurity risk management officers from 10 public universities. The data were analysed using thematic analysis to identify the themes and sub-themes that revealed the strengths and deficiencies of the current cybersecurity frameworks. Results showed that cybersecurity implementation is considered a successful innovation in Malaysian universities and has contributed to protecting the data of students and staff, which in turn allowed the universities to improve their reputation. This study contributed significantly to the understanding of the performance and applicability of cybersecurity in universities. It showed the efficient use of resources, identification and detection of risk exposures, and improved cybersecurity communication between the technical team and top management are essential for a good decision-making process.