This research examines the critical vulnerabilities in Yemen’s digital infrastructure, arising from an outdated and fragmented legislative framework, and its consequential exposure to sophisticated cybercrimes. Drawing on survey data from 1,024 respondents and insights from cybersecurity experts, the study highlights a significant public perception of insecurity and the inadequacy of current cyber laws. It investigates core cybersecurity principles, the evolution of cybercrime, and the multi-dimensional challenges—including technical, human, and organizational factors—that exacerbate Yemen's risks. By comparing Yemen’s legislative deficiencies with international and regional models such as the cybercrime laws of Jordan, Kuwait, and the UAE, as well as frameworks like the Budapest Convention and the NIST Cybersecurity Framework, the research proposes a comprehensive, adaptable legal framework. Key recommendations include establishing a centralized National Cybersecurity Authority, standardizing digital evidence protocols, enhancing interagency coordination, and investing in capacity building. The proposed framework aims to protect critical infrastructure, safeguard personal data, and foster robust enforcement mechanisms, thereby aligning Yemen’s cybersecurity posture with global best practices and ensuring a resilient digital ecosystem.