In navigating the intricate landscape of cybersecurity investments, organizations encounter the challenge of efficiently allocating resources across diverse mitigation strategies. Our study tackles this obstacle by identifying the optimal investment levels in various cybersecurity measures to minimize an organization's cyber-attack risk. We comprehend individuals' motivation towards cybersecurity behavior using the Protection Motivation Theory (PMT). Our research framework involves conducting a comprehensive risk assessment of an organization, considering vulnerabilities and organizational traits like size, industry, and digital footprint, which influence susceptibility to cyber threats. Subsequently, we evaluate the potential impact of these risks and assess cybersecurity measures for mitigation. Next, we examine the role of cybersecurity frameworks like COBIT19, ITIL, and NIST Cybersecurity in risk mitigation. By striking a balance between investment costs and risk reduction benefits, our goal is to furnish data-driven insights for informed cybersecurity investment decisions by any organization.