Targeted social engineering attacks. Sensitive information, from a theoretical concept to a culturally defined notion

Sabina Raluca Datcu Independent researcher

  download slides (PDF)

The concept of 'sensitive information' has a lot of different definitions, most of them being part of the laws and regulations of different countries. To sum these definitions up, information is considered to be sensitive if the loss of its confidentiality or availability has severely undesirable effects on organizations or individuals.

No matter the different conceptual definitions of 'sensitive information', the human factor is the core element dictating what this notion should signify.

This paper presents the findings of a multi-cultural study: 2,100 persons from seven countries - representing seven different cultural views - were questioned regarding the notion of 'sensitive information' and what kind of information they would be willing to disclose to another 'reliable person'.

While the respondents from a country exposed a type of information without restrictions clearly considered it 'public information', others deemed it to be sensitive and didn't want to provide this kind of data 'to a stranger'.

A direct correlation was observed between the information provided and the countries the respondents were from, meaning that the historical and cultural background of the interviewed persons - defined by the countries in which they live - significantly influence the concept of 'sensitive information' and the kind of data they want to reveal to others.

VB2013 takes place 2-4 October 2013 in Berlin, Germany.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Click here for more details about the conference.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.