Author: Adam Aloyce Semlambo (Institute of Accountancy Arusha, Tanzania)
Abstract: In the face of escalating cyber threats, Tanzanian public higher learning institutions (PHLIs) face unique challenges in ICT security incident reporting due to organizational, behavioral and cultural barriers. While previous studies emphasized the role of socio-technical factors in shaping cybersecurity practices, there is a distinct research gap regarding how these factors manifest in resource-constrained African academic environments. This study aimed to investigate the behavioral, organizational and cultural factors influencing incident reporting behavior in Tanzanian PHLIs. Employing a sequential explanatory mixed-methods design, the study surveyed384participants and conducted interviews with 30 key informants across eight purposively selected institutions, using stratified and systematic random sampling techniques. Key findings revealed that while staff recognize reporting as their responsibility and understand required procedures, fear of blame, lack of trust in confidentiality, inadequate training and weak leadership engagement significantly hinder actual reporting practices. Statistical analysis confirmed that organizational enablers, such as leadership support, regular training and clear confidential reporting mechanisms significantly correlated with improved reporting behavior, whereas demographic variables had no significant impact. These findings underscore the importance of aligning technical systems with institutional culture and user behavior. The study recommends decentralizing reporting channels, implementing anonymous mechanisms, reinforcing leadership support and reviewing ICT policies to foster a proactive and resilient cybersecurity environment in Tanzanian PHLIs.