Modern organizations have increasingly relied on information technology to facilitate daily business operations. However, the dependency is built upon an environment where hazardous events happen frequently and malicious attacks emerge in an endless stream. To attain the objective of “continuity of services”, we propose an approach based on redundancy allocation to reduce the possibility of threats occurring to an acceptable degree. In the thesis, we formulate a “battle” between the attacker and the network into a two-level programming problem. In the inner problem (ARS model) an attacker allocates the limited attack powers to maximize the vulnerability of network against hazardous events. Contrarily, in the outer problem (RAPMA model) a defender attempts to minimize the damages by deploying redundant components appropriately with the limited budgets. We develop a Lagrangean Relaxation-based algorithm to solve the programming problem efficiently.