As organizations increasingly move towards digital transformation, the internet has become their prominent channel of communication and data sharing. This has raised concerns about cybersecurity, compelling organizations, including academic institutions, to strengthen their protection sphere. Employees play a significant role in defending against cyberattacks, and it becomes essential for the security team to constantly raise awareness among them. As part of efforts to enhance cybersecurity, this study assessed the level of cybersecurity awareness among employees at a private university in Papua New Guinea. Data were collected through online questionnaires and structured face-to-face interviews with senior management. Data were analyzed using statistical tools. The findings revealed that only 20% of the employees had high levels of awareness about cybersecurity, indicating the need for more awareness and training to strengthen cybersecurity measures. Employee-related vulnerabilities were identified, including weak password practices, unsafe browsing behaviors, and failure to adhere to established cybersecurity protocols. It is recommended that the institution provide ongoing cybersecurity training programs to enhance the level of awareness among employees and the degree to which they adhere to acceptable standards. Furthermore, to address typical weaknesses, such as weak passwords and dangerous browsing, it is necessary to develop explicit policies and monitoring procedures. This study contributes to the understanding of human-related cybersecurity risks in higher education institutions, highlighting the need for targeted awareness and policy interventions.