Risk in DeFi takes three forms: financial, technical, and procedural.
Financial risk considers how the potential rewards associated with an investment stack up against the inherent risks.
In the world of traditional finance, investors look at things like the "risk-free rate of return" and historical data for benchmarks to help them evaluate potential investments.
Procedural security considers the steps users can take to protect their assets.
Developers can make their applications as secure as possible but some security features depend on users taking certain precautions like using multi-factor authentication and hardware wallets.
When holding or using cryptocurrency, best practices include:
Not disclosing holdings
Separating "savings" funds to be held in cold storage using paper or hardware wallets from "on-the-go" funds held in mobile, browser, or other, more accessible types of wallets.
Using multi-factor authentication
Technical risks includes vulnerabilities stemming from the potential failure of the hardware and software necessary for an application to work.
Smart contract failure poses a relatively high risk due to the fact that smart contracts are a relatively new technology and best practices for auditing them remain in their infancy.