Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on. There are currently 47 state level laws, several compliance regulations and standards such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), and the list goes on; rules that were designed and communicated to businesses to protect this type of information.
But what about at the individual level? What are you doing to protect your valuable data? A business would place 'controls' in place to mitigate the risk of compromises, but what 'controls' do you have in place for your information? What type of information is available online for social engineers to target and how easy is it to find this information? Does it require extensive research, or is it relatively easy to find just by going to Google, Facebook or LinkedIn? Personal blogs can also not be forgotten, as plenty of personal information can be found on blogs.
Remember, what you feel is important may not be encompassing enough. Social engineers use their tactics to extract any and all information they can out of you. Even simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends; social engineers want that information. Unfortunately, unlike passwords, which are understood to be important, other types of personal information aren't kept as safe. There's tons of personal information freely available due to the Internet, especially due to the rise of social networks.