The key drivers are as follows:
- Swindling of user identity
- Information disclosure and loss of sensitive data.
- Damage due to malicious attacks such as cross-site scripting or SQL injection
- Repudiation of user actions
- Interruption of business critical operations due to DoS attacks