Abstract
In the ever-changing realm of cybersecurity, protecting digital assets requires constant awareness and rapid incident response in security operations centres (SOCs), where security professionals employ cutting-edge threat-fighting strategies. The battle intensifies in the face of ever more complex adversaries, such as advanced and persistent malware. Malware incidents in particular pose distinct obstacles, demanding steadfast specialised competence and innovative strategies. Effective incident handling is essential for protecting organisational digital assets, given the ongoing evolution and rising sophistication of cyberattacks. This paper reviews the literature on the current state of malware incident-handling solutions and identifies open challenges by examining SOC operations. It provides recommendations and guidance for SOC researchers and security professionals, empowering them to tackle malware incidents and strengthen cybersecurity defences.
| Field | Value |
|---|---|
| Original language | English |
| Title of host publication | Proceedings of the 10th International Conference on Information Systems Security and Privacy ICISSP 2024 - Volume 1 |
| Pages | 162-169 |
| Number of pages | 8 |
| ISBN (Electronic) | 9789897586835 |
| DOIs | |
| Publication status | Published - 2024 |
Keywords
- incident response
- Malware
- SOC
- Security Operations Centre
- Malware Analysis