"Most of the infections come from poor user behavior and unpatched systems," Hoit said.
People are too quick to click on attachments and companies have a lot of difficulty keeping software up-to-date, which leaves known vulnerabilities unpatched, experts say.
On the research side, Hoit said a lot of work is being done at NCSU and other universities in spotting abnormalities in a network through better algorithms for analyzing massive amounts of data from hardware, software and network traffic.
Internet2, a nonprofit research organization comprised of more than 450 universities, businesses and government agencies, is conducting a lot of security research, Hoit said. However, researchers often have difficulty getting access to the Internet traffic needed for their work.
"It's a privacy and security issue," Hoit said. "I don't know any open network providers that will give you their traffic flow."
So while the industry struggles with multiple issues, hackers operate in a simpler world where the only focus is on breaking into systems.
Sign up for Computerworld eNewsletters.