Cybersecurity Infrastructure adoption Model for Malware Mitigation in Small Medium Enterprises (SME)

Malware is the most critical threat among other cybersecurity threats because it could be a disaster for any organization, its resources, and operations. Due to non-compliance with adequate cybersecurity, SMEs are more vulnerable to malware attacks. Malware attacks can be known or unknown. SMEs must comply with adequate cybersecurity infrastructure to detect and mitigate these malware attacks. To the best of our knowledge, there is a limited study in the literature on finding the limitations of adopting cybersecurity infrastructure for malware detection and mitigation in Malaysian SMEs. In this paper, the factors have reviewed that influence the implementation of the cybersecurity infrastructure. These factors are further categorized into organizational, technical, and environmental challenges. A conceptual model for malware mitigation is designed based on the literature review findings. Furthermore, to design the proposed model, the most relevant theories, TOE (Technology, Organization, and Environment) and TAM (Technology Acceptance Model), are incorporated based on the literature review finding. This paper aims to propose a preliminary model for adopting technical cybersecurity infrastructure and mitigating malware threats in SMEs.