We study the decision-making problem in cybersecurity risk planning concerning resource allocation strategies by government and firms. Aiming to minimize the social costs incurred due to cyberattacks, we consider not only the monetary investment costs but also the deprivation costs due to detection and containment delays. We also consider the effect of positive externalities of the overall cybersecurity investment on an individual firm\u27s resource allocation attitude. The optimal decision guides the firms on the countermeasure portfolio mix (detection vs. prevention vs. containment) and government intelligence investments while accounting for actions of a strategic attacker and firm budgetary limitations. We accomplish this via a two-stag...