•In developing countries, higher education institutions (HEI) are vulnerable but the least protected.•Accidental leakage of information in HEIs has caused numerous financial and reputational losses.•HEI governance needs reforms to deal with information security breaches.•Protection motivation encourages positive and compliant behavior.•The cultivated motivation shapes HEI employees’ security compliance behavior. Higher education institutions (HEIs) are progressively computerized to deal with substantial academic and operational information. With the increase in enriched information systems (IS) comes the potential hazard of malicious exposure to internal and external threats. This academic sector is advancing in the implementation of technical security controls; however, behavioral influence is still a challenge in the information security domain. Information security policies (ISPs) are generally designed and developed to control employees’ working behavior, yet compliance with these documents is near to non-existent. This research paper describes an empirical test of the influence of institutional governance (IG) on protection motivation and planned behavior of employees in HEIs. Results were analyzed using structural equation modeling (SEM) techniques. Our findings confirm the significant contribution of IG in motivating protection behavior among employees of HEIs. This cultivated motivation encourages positive conduct in information security policy compliance (ISPC).