Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementIn this recent time, the importance of cybersecurity and cyber defense is sky-high. Everyone
uses different devices, IT infrastructures, and applications for various purposes at school,
office, home, hospitals everywhere. With the enlightenment of technology, the nature of
cyber-attack has been changed dramatically, and that is why the number of cyber-attacks
have been increased. Enterprises face billions of Euros loss from such incidents; even the
data loss and operational hazard may have a devastating impact not only on the service,
security, privacy, brand image but also upon overall business. A constrictive and realistic
CSCD (cyber security and cyber defense) strategy along with the proper implementation of
it, can safeguard the enterprises and strongly from cyber attacks. In this paper, we prepare
an improved CSCD control framework based on several hundreds of scientific papers and
frameworks. Moreover, we identify different aspects and strategic elements by holistic CSCD
control risk assessment and data analysis for preparing CSCD strategy and planning of
different levels of organizations to maintain effective CSCD governance and cyber resilience
