D 2022

SoK: Applications and Challenges of using Recommender Systems in Cybersecurity Incident Handling and Response

HUSÁK, Martin and Milan ČERMÁK

Basic information

Original name

SoK: Applications and Challenges of using Recommender Systems in Cybersecurity Incident Handling and Response

Authors

HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution) and Milan ČERMÁK (203 Czech Republic, belonging to the institution)

Edition

Vienna, The 17th International Conference on Availability, Reliability and Security (ARES 2022), p. "25:1"-"25:10", 10 pp. 2022

Publisher

ACM

Other information

Language

English

Type of outcome

Proceedings paper

Country of publisher

United States of America

Confidentiality degree

is not subject to a state or trade secret

Publication form

electronic version available online

References:

URL

RIV identification code

RIV/00216224:14610/22:00126038

Organization

Ústav výpočetní techniky – Repository – Repository

ISBN

978-1-4503-9670-7

DOI

http://dx.doi.org/10.1145/3538969.3538981

UT WoS

001122620500025

Keywords in English

Recommender System;Incident Handling;Incident Response

Links

EF16_019/0000822, research and development project.
Changed: 28/6/2024 04:39, RNDr. Daniel Jakubík

Abstract

In the original

Incident handling, a fundamental activity of a cybersecurity incident response team, is a complex discipline that consumes a significant amount of personnel's time and costs. There are continuous efforts to facilitate incident handling and response in terms of providing procedural or decision support and processing relevant data. In this paper, we survey the approaches towards (semi-)automated incident handling and response backed by recommender systems that are successful in other domains. We discuss which phases and tiers of incident handling can be automated and to what level while evaluating the maturity of proposed approaches and tools. While we did not find a full-scale recommender system that would guide the user through incident handling and suggest which steps to take, many of them aim at particular problems. The discussed issues are not resolved yet but seem to get the attention of researchers and will likely be investigated in the future.