This study addresses the complex challenges of digital transformation in higher education by enhancing IT governance to combat cyber threats in Moroccan universities. By adopting a hybrid multi-criteria decision-making (MCDM) framework, the research combines the analytic hierarchy process (AHP) and the TOPSIS method to evaluate fourteen IT governance criteria, categorized into structural, procedural, and relational dimensions. Using TOPSIS, the study identifies the most relevant SVC services from the ITIL v4 value chain for each category, with the aim of developing an optimized strategic approach against cyberattacks. The input from ten academic experts was crucial in prioritizing these services. The results show that SVC services A5 and A2 are fundamental for optimizing the resources of structural and procedural mechanisms, while A4 and A2 play a key role in relational mechanisms. This strategic alignment enhances the resilience of Moroccan universities to cyber threats by ensuring a more efficient allocation of security resources and providing a robust defense against potential attacks.

AHP; Cybersecurity; Digital transformation; ITIL V4; TOPSIS