Companies or governments rely on Internet to provide all kinds of service to customers and use Internet to propagate them in order to attract more customers to create more profits. Not only external customers, within the company, they also build their own intranet to handle daily operations. Once companies’ network being broken, they cannot provide regular service to user and also cannot run the daily process which may cause serious problem. Therefore, according to some research, cyber-attacks still is the most significant risk that business worried about since cyber-attacks will cause serious damage to company. In addition, in recent decades, damage caused by natural disaster becomes more and more serious and happened more frequently than before. The number of disaster events reported globally increased from 1,690 to 3,886 and the economic losses also increase dramatically. Hence, in our thesis we want to add natural disaster this environment variable to our scenario. Companies need to start to pay attention on it when they are building their system. We discuss earthquake, secondary disaster-fire and fire in our scenario. In order to provide business continuity, we also adopt redundancy this defense strategy to increase survivability. It is an effective method to prevent service interruption. When nodes damage or temporary shutdown, they can activate redundancy immediately which can prevent service interrupted. There are also other defense strategies to help defender maximize their system survivability such as virtualization, deploying honeypot, and cloud security Our purpose is to help defender find out effective defense strategy and resource allocation. Our problem is a bi-level problem and we use mathematical programming combined Monte Carlo Stimulation to help us solve this complex problem since there are various of attack and defense strategies and full of uncertainty. Furthermore, we will do both commander and defender enhancement process in order to find out better solution.