Introduction: The emergence of IoT-enabled smart cities promises transformative benefits in urban management and citizen services. However, the integration of vast interconnected devices raises significant concerns regarding security and privacy. Ensuring the confidentiality, integrity, and availability of data in such complex ecosystems is paramount to foster trust and facilitate widespread adoption. Problem Statement: The rapid proliferation of IoT devices in smart cities creates a burgeoning attack surface susceptible to various cyber threats. Malicious actors exploit vulnerabilities in interconnected systems to compromise critical infrastructure, compromise personal data, and disrupt essential services. Addressing these security and privacy challenges is essential to safeguard citizen trust, protect sensitive information, and uphold the integrity of urban operations. Objective: This research aims to investigate the security and privacy implications of IoT deployment in smart cities and propose effective strategies to mitigate risks and enhance resilience. By analyzing existing frameworks, identifying vulnerabilities, and evaluating countermeasures, this study seeks to provide actionable insights for policymakers, urban planners, and technology stakeholders. Methodology: The research employs a multidisciplinary approach integrating literature review, case studies, and empirical analysis to comprehensively assess the security and privacy landscape in IoT-enabled smart cities. Data collection methods include unstructured interviews with domain experts, and analysis of security incidents and breaches. The research framework encompasses threat modelling, risk assessment, and the development of proactive security measures. Results: The findings highlight the multifaceted nature of security and privacy challenges in IoT-enabled smart cities, ranging from device vulnerabilities and network weaknesses to data governance issues and regulatory gaps. Through empirical analysis and case studies, key risk factors and potential mitigation strategies are identified, underscoring the importance of collaborative efforts among stakeholders to foster a resilient and secure urban ecosystem. Conclusion: In conclusion, addressing the security and privacy concerns inherent in IoT-enabled smart cities requires a holistic approach encompassing technical, regulatory, and societal dimensions. By implementing robust security measures, promoting data protection frameworks, and fostering cybersecurity awareness, cities can harness the full potential of IoT while safeguarding citizen rights and privacy.