I'm wondering if it's very risky,…
More than anything else, it depends on a user's computing habits. Having it off is no different than using Yosemite or earlier. If you're careful about what you download and install, and where you go online, you're likely to never have a problem.
I've been using computers since we bought a brand spankin' new IBM XT clone running DOS 3.1. Through multiple computers and OS's, Windows and Mac, I've only ever seen one virus. My wife was in Windows and clicked on an email through her company's remote email access. It immediately downloaded a nasty self-repairing virus that made a mess of her Windows install. Fortunately, I keep restorable backups of everything and simply saved off necessary documents that hadn't been backed up, restored the clean Win backup and put the personal files back.
Risky behavior begets malware (P2P downloads, torrents, pirated software, etc.). Getting your third party apps from trusted sources, as in the original vendor, and your risk is extremely low. That, and keeping a close eye on your hardware. No computer is safe from direct access. There are always ways to bypass security when you have full control of the machine. The only two that are almost impossible to get past are a firmware password and an encrypted drive.