This study aims to identify the current practice of cybersecurity risk management frameworks in Malaysian institutions of higher learning that address the security defies. This research employs a qualitative approach using a semi-structured interview to identify the current frameworks. Therefore, the thematic analysis of the information and the literature review on cybersecurity risk management in Malaysian higher education institutions is done. It expects to find the list of frameworks applied in the higher learning institutions. Moreover, this allows covering a wide range of cybersecurity risk management problems within the system of higher education institutions. It is hoped this study will make significant contributions to cybersecurity risk management literature theoretically and practically.