Evaluating the Impact of Staff Cybersecurity Culture on Cyber Resilience in Colleges of Education: Insights from 12 Colleges of Education in Ghana
Daniel Paa Korsah 
Issue: Vol.6 No. 4 April 2025 Article 6 pp.203 – 218
DOI : https://doi.org/10.38159/jelt.2025646 | Published online 17th April, 2025.
© 2025 The Author(s). This is an open access article under the CCBY license (http://creativecommons.org/licenses/by/4.0/).
Tertiary educational institutions have become increasingly reliant on computers and network technologies for their operations in the last few decades and this comes with a significant increase in cyber threats. Ghanaian Colleges of Education (CoEs), which are responsible for training teachers for basic schools, also face these cybersecurity challenges. A key solution to mitigating these challenges is the development of a robust cybersecurity culture among academic and non-academic staff. This study aimed to assess the impact of the Cybersecurity Act 2020 (Act 1038) on staff perceptions of the importance of cybersecurity, the effectiveness of technical measures against cyber threats and the perceived cyber resilience of the colleges. The study employed a mixed-method approach, using a descriptive cross-sectional survey design with a sample of 298 academic and non-academic staff from 12 colleges. A questionnaire and an interview guide were used to collect both quantitative and qualitative data. The findings revealed that awareness of the Cybersecurity Act 2020 was low among CoE staff, limiting its impact on their perception of cybersecurity importance. Despite low awareness of the Act, staff demonstrated a strong commitment to personal cybersecurity practices, indicating a need for structured institutional cybersecurity policies and training. The study emphasizes the need for targeted cybersecurity awareness programs for CoE staff and stronger collaboration between CoEs, the Ministry of Education and other stakeholders to establish a proactive cybersecurity culture. Empirical data on how staff in Ghanaian CoEs perceive and practice cybersecurity is presented, contributing to the expanding research on cybersecurity culture in educational institutions.
Keywords: Cybersecurity Culture, Cyber Resilience, Staff Perceptions, Tertiary Education.
Alsaqour, Raed, Ahmed Motmi, and Maha Abdelhaq. “A Systematic Study of Network Firewall and Its Implementation.” International Journal of Computer Science & Network Security 21, no. 4 (2021): 199–208.
Alshaikh, Moneer. “Developing Cybersecurity Culture to Influence Employee Behavior: A Practice Perspective.” Computers & Security 98 (November 2020): 1–20. https://doi.org/10.1016/j.cose.2020.102003.
Anilkumar, Anagha, Filip Dimitrov, and Anup Narayanan. “The Differences and Relationship Between Awareness, Behavior, and Cyber Security Culture,” November 29, 2023. https://securityquotient.io/the-differences-and-relationship-between-awareness-behavior-and-culture-in-cyber-security/.
Araujo, Misael Sousa de, Bruna Aparecida Souza Machado, and Francisco Uchoa Passos. “Resilience in the Context of Cyber Security: A Review of the Fundamental Concepts and Relevance.” Applied Sciences 14, no. 5 (March 4, 2024): 1–16. https://doi.org/10.3390/app14052116.
Candour Legal. “ Comprehending the Nuances of Cybersecurity Legal Frameworks Across the Globe,” May 24, 2024. https://candourlegal.com/comprehending-the-nuances-of-cybersecurity-legal-frameworks-across-the-globe/.
Celeste, Rifel Jeene, and Nimfa Osias. “Challenges and Implementation of Technology Integration: Basis for Enhanced Instructional Program.” American Journal of Arts and Human Science 3, no. 2 (June 4, 2024): 106–30. https://doi.org/10.54536/ajahs.v3i2.2656.
Chaudhary, Sunil, Vasileios Gkioulos, and Sokratis Katsikas. “Developing Metrics to Assess the Effectiveness of Cybersecurity Awareness Program.” Journal of Cybersecurity 8, no. 1 (January 28, 2022): 1. https://doi.org/10.1093/cybsec/tyac006.
Chen, Yan, Dennis F. Galletta, Paul Benjamin Lowry, Xin (Robert) Luo, Gregory D. Moody, and Robert Willison. “Understanding Inconsistent Employee Compliance with Information Security Policies Through the Lens of the Extended Parallel Process Model.” Information Systems Research 32, no. 3 (September 2021): 1043–65. https://doi.org/10.1287/isre.2021.1014.
Chipeta, Catherine. “What Is an Intrusion Detection System (IDS)? + Best IDS Tools.” , November 18, 2024. https://www.upguard.com/blog/intrusion-detection-system.
Dellapina, Abby, Abhishek Kumar Singh, Adam Benson, and Adam Glick. “ The Crucial Role of Regulatory Frameworks in Ensuring Robust Cyber Security,” July 16, 2014. https://cyberprotection-magazine.com/our-authors.
Farok, Nur Aqilah Zaffan, and Mohamad Fadli Zolkipli. “Incident Response Planning and Procedures.” Borneo International Journal EISSN 2636-9826 7, no. 2 (2024): 69–76.
Furnell, Steven, and Jayesh Navin Shah. “Home Working and Cyber Security – an Outbreak of Unpreparedness?” Computer Fraud & Security 2020, no. 8 (January 2020): 6–12. https://doi.org/10.1016/S1361-3723(20)30084-1.
Gordon, Lawrence A, Martin P Loeb, and Lei Zhou. “The Impact of Information Security Breaches: Has There Been a Downward Shift in Costs?” Journal of Computer Security 19, no. 1 (2011): 33–56.
Hall, Peter. “ Building a Resilient Cybersecurity Culture in Educational Institutions,” February 12, 2024. https://secarma.com/building-a-resilient-cybersecurity-culture-in-educational-institutions.
Hernadez, Juan. “Cybersecurity Challenges in Education,” June 10, 2024. https://preyproject.com/blog/cybersecurity-challenges-in-education.
Housen-Couriel, Deborah. “Information Sharing as a Critical Best Practice for the Sustainability of Cyber Peace.” In Cyber Peace, 39–63. Cambridge University Press, 2022. https://doi.org/10.1017/9781108954341.003.
Karlsson, Martin, Fredrik Karlsson, Joachim Åström, and Thomas Denk. “The Effect of Perceived Organizational Culture on Employees’ Information Security Compliance.” Information & Computer Security 30, no. 3 (2021): 382–401.
Khando, Khando, Shang Gao, Sirajul M. Islam, and Ali Salman. “Enhancing Employees Information Security Awareness in Private and Public Organisations: A Systematic Literature Review.” Computers & Security 106 (July 2021): 1–22. https://doi.org/10.1016/j.cose.2021.102267.
Kuraku, Sivaraju, Dinesh Kalla, Fnu Samaah, and Nathan Smith. “Cultivating Proactive Cybersecurity Culture among IT Professional to Combat Evolving Threats.” International Journal of Electrical, Electronics and Computers 8, no. 6 (2023): 01–07. https://doi.org/10.22161/eec.86.1.
Li, Ling, Wu He, Li Xu, Ivan Ash, Mohd Anwar, and Xiaohong Yuan. “Investigating the Impact of Cybersecurity Policy Awareness on Employees’ Cybersecurity Behavior.” International Journal of Information Management 45, no. 7 (April 2019): 13–24. https://doi.org/10.1016/j.ijinfomgt.2018.10.017.
Ministry of Communications and Digitalisation. “National Cybersecurity Awareness Month Launched to Educate Public on Digital Safety,” September 2, 2024. https://moi.gov.gh/newsroom/2024/09/national-cybersecurity-awareness-month-launched-to-educate-public-on-digital-safey.
Mukherjee, Madhav, Ngoc Thuy Le, Yang-Wai Chow, and Willy Susilo. “Strategic Approaches to Cybersecurity Learning: A Study of Educational Models and Outcomes.” Information 15, no. 2 (February 18, 2024): 1–23. https://doi.org/10.3390/info15020117.
National Institute of Standards and Technology. “The NIST Cybersecurity Framework (CSF) 2.0,” February 26, 2024. https://doi.org/10.6028/NIST.CSWP.29.
Puhakainen, and Siponen. “Improving Employees’ Compliance Through Information Systems Security Training: An Action Research Study.” MIS Quarterly 34, no. 4 (2010): 757–78. https://doi.org/10.2307/25750704.
Rahman, N. A. A, I. H. Sairi, N. A. M. Zizi, and F. Khalid. “The Importance of Cybersecurity Education in School.” International Journal of Information and Education Technology 10, no. 5 (2020): 378–82. https://doi.org/10.18178/ijiet.2020.10.5.1393.
Safitra, Muhammad Fakhrul, Muharman Lubis, and Hanif Fakhrurroja. “Counterattacking Cyber Threats: A Framework for the Future of Cybersecurity.” Sustainability 15, no. 18 (September 6, 2023): 1–32. https://doi.org/10.3390/su151813369.
Sigurðsson, Ragnar. “ The Human Element: A Crucial Aspect of Cyber Risk Assessment Services and 8 Ways to Address It,” July 27, 2023. https://awarego.com/the-human-element-in-cyber-risk-assessment-services/.
Tolossa, Dawit. “Importance of Cybersecurity Awareness Training for Employees in Business.” VIDYA – A JOURNAL OF GUJARAT UNIVERSITY 2, no. 2 (August 8, 2023): 104–7. https://doi.org/10.47413/vidya.v2i2.206.
Uchendu, Betsy, Jason R.C. Nurse, Maria Bada, and Steven Furnell. “Developing a Cyber Security Culture: Current Practices and Future Needs.” Computers & Security 109 (October 2021): 102387. https://doi.org/10.1016/j.cose.2021.102387.
Willie, Michael Mncedisi. “The Role of Organizational Culture in Cybersecurity: Building a Security-First Culture.” Journal of Research, Innovation and Technologies (JoRIT) 2, no. 16 (September 2023): 180. https://doi.org/10.57017/jorit.v2.2(4).05.
Yan, Zheng, Thomas Robertson, River Yan, Sung Yong Park, Samantha Bordoff, Quan Chen, and Ethan Sprissler. “Finding the Weakest Links in the Weakest Link: How Well Do Undergraduate Students Make Cybersecurity Judgment?” Computers in Human Behavior 84 (2018): 375–82.
Dr. Daniel Paa Korsah is an esteemed lecturer at Komenda College of Education in Ghana. Holding a PhD in Information and Communication Technology, Dr. Korsah is a dedicated educator with a profound academic background. He has earned both an M.Ed. in Information Technology and a B.Ed. in Computer Science. Driven by a passion for advancing educational practices, his primary research focus revolves around E-Learning, technology acceptance and cybersecurity. His interest in cybersecurity research explores its implications for education and digital safety. Dr. Korsah’s wealth of knowledge and commitment to the field make him a valuable contributor to the discourse on the intersection of education, technology and cybersecurity.
Korsah, Daniel Paa. “Evaluating the Impact of Staff Cybersecurity Culture on Cyber Resilience in Colleges of Education: Insights from 12 Colleges of Education in Ghana.” Journal of Education and Learning Technology 6, no.4 (2025): 203 – 218. https://doi.org/10.38159/jelt.2025646
© 2025 The Author(s). Published and Maintained by Noyam Journals. This is an open access article under the CCBY license (http://creativecommons.org/licenses/by/4.0/).
Featured