AUSTIN, Texas - With every key stroke, your digital fingerprints are all over the internet, and often it's up to private companies to protect the personal data you leave behind.

The former CEO of Equifax paid penance on Capitol Hill Tuesday after the firm's massive data breach, and now questions remain about what role government should play in ensuring that consumer information is properly protected.

"Because it's not just some dude sitting in a closet or in their mom's basement. We're talking about, you know, massive enterprise that's for-profit, for state-sponsored actors," said Mike Hamilton of Ziften Technologies

At the cyber security firm, Hamilton focuses his time on protecting companies from threats, but says extra government regulations aren't always helpful.

"There are actually quite a few,” Hamilton said. “Which is actually part of the problem, that there are so many."

Hamilton says a patchwork of state-mandated cyber security requirements makes it difficult to ensure everyone's in compliance. While Hamilton says regulations are necessary, they should be streamlined.

"A lot of times these sorts of breaches aren't some super-secret, you know, back door actor, that you know is the most brilliant guy ever. A lot of time it's because of some basic maintenance and basic hygiene that wasn't taken," Hamilton said. 

But since companies don't always think about data security until it's too late, others argue that more oversight is necessary.

"If government could, for example, free up the pathway of bringing new security techniques to the compliance route," said Mohit Tiwari, an assistant professor in the Department of Electrical and Computer Engineering at the University of Texas.

That sort of regulation could come either the state or local level. But in a state like Texas, where Republican lawmakers flinch at the word "regulation," extra state-mandated cyber security requirements likely aren't just a click away.