Three risks and threats that the user domain poses are-
- Susceptibility to social engineering
Employees and users are vulnerable to being socially engineered into letting malware and threat actors into the system.
Phishing, vishing, whaling, pharming, spoofing, and impersonation are the various ways a user could fall victim to hackers.
- Accidental disclosures
Users due to ignorance or negligence could cause accidental disclosures leading to data leaks, account compromises, and organizational losses.
Writing down passwords, leaving their systems unlocked, using trivial passwords, sharing too much information on social media, are all ways that users increase the risk of hacks.
- Malicious behavior
Malicious insiders are a serious threat and pose a huge risk to organizations. Confidentiality data, copyrighted material, trade secrets, business plans and strategies could be at risk.
Additionally, disgruntled employees can wreak havoc with logic bombs and installing backdoors into systems.