Website Security refers to maintaining the security of websites, web servers and web applications from unauthorized access, use, modification, destruction or disruption. A website is always prone to malware attacks. Hence website security includes scanning websites, servers and applications for malware and vulnerabilities, and includes timely detection and prevention of threats and vulnerabilities including malware threats, zero-day vulnerabilities, DDoS attacks, brute-force attacks etc. The focus is on data protection and includes sensitive personal data of customers as well.
You may not think your site has anything worth being hacked for, but websites are compromised all the time. The majority of website security breaches are not to steal your data or deface your website, but instead attempts to use your server as an email relay for spam, or to setup a temporary web server, normally to serve files of an illegal nature. Other very common ways to abuse compromised machines include using your servers as part of a botnet, or to mine for Bitcoins. You could even be hit by ransomware.