Building a Culture of Cybersecurity Awareness in Libraries: A Systematic Review of Best Practices and Frameworks

Abstract

As libraries digitize their operations and collections, they confront escalating cybersecurity threats that jeopardize user privacy, intellectual property, and service integrity. This systematic review examines best practices and frameworks aimed at building a culture of cybersecurity awareness among library stakeholders. Adhering to PRISMA guidelines, the researcher analyzed 37 studies from Scopus, Web of Science, and LISA published between 2000 and 2024. The analysis revealed five crucial themes: customized training programs, merging cybersecurity with digital literacy, aligning organizational culture, engaging all stakeholders inclusively, and implementing continuous evaluation. The findings show that effective cybersecurity awareness in libraries hinges on a comprehensive approach that balances technical solutions with human factors. Successful programs actively involve diverse stakeholders through participatory methods, align security measures with institutional goals, and integrate awareness activities into broader organizational frameworks. This review presents a versatile best practices framework for libraries that adapts to diverse contexts, digital literacy levels, and resource limitations. Integrating protection motivation theory with collaborative learning, we offer actionable recommendations for library professionals to cultivate sustainable cybersecurity cultures. Findings reveal that cybersecurity awareness is not just a technical necessity; it's a cultural imperative demanding continuous institutional commitment and collaboration among stakeholders".