Like with your phone or laptop, if you don't update the software then known flaws can be exploited by hackers. That's why carying out WordPress and plugin updates is so important - to patch those. You should have a system in place to ensure you're regularly updating, scanning and checking your site.

If your website was hacked, taken down or infected with malware, no doubt you'd want to restore a backup in order to get everything back in order. This is why I recommend that automatic backups are made daily on both the web server as well as a remote storage facility. So if the whole server was taken down, including local backups, you have a final backup to call upon from another location.

Another thing to think about is the data which is stored on your website - you have a responsibility as a custodian of this data to keep it secure. If you lost personal data for users, customers or visitors, you'd could be at risk of GDPR ramifications, let alone the repetitional damage it could cause your brand. A lot of websites don't realise that when their contact form is submitted, that data is being logged somewhere - what confidential information could this contain? Name, email, telephone and other company information at least.

When people leave the company and they still have a login for your website, worst still administrator permissions - they'd have the power to make changes to or take down what some consider to be the most important shop front for your business.

That's why I provide support with WordPress website security, covering the website itself, user access, web hosting, domains, content delivery networks and other connected third-party systems. Whether a simple or a complex WordPress website, steps should be taken to ensure it's fully protected and essentially to nip it in the bud and avoid security incidents from ever occurring in the first place.