With an explosive growth in the number of websites over the past two decades (from 2,410,067 in 1998 to 1,766,926,408 in 2017), coupled with an explosive growth in websites using the WordPress platform, website hacking, malware and viruses are on the rise too! WordPress is the “engine” that is running your website, so it is important for you to realize that you play a huge role in keeping your website secure. I am sure you are familiar with the updates regularly pushed to you for your computer and cell phone. These updates often contain new features and bug fixes, but many times they also include a fix for security issues that have been discovered. The release of an update is no guaranty of security of course, because the owner of the device has to install the upgrade for it to be effective. Same with your WordPress website.
Why use WordPress?
The WordPress content management system (CMS) is extremely popular because it is easy to use, flexible, extendable and FREE! Website owners can update their own website without having to purchase special html editing software, learn html code, or hire a web designer. It is a powerful platform. In fact, WordPress is the fastest growing CMS of all time, with roughly 500+ new sites being built daily!  And take a look at these statistics: As of July 2018, WordPress runs over 30% of the entire internet.  WordPress powers 14.7% of the top 100 websites in the world , including New York Observer, New York Post, TED, USA Today, CNN, Fortune.com, TIME.com, National Post, Spotify, TechCrunch, CBS Local, NBC, and more.  Approximately 19,500,000 websites on the entire web use WordPress. 
WordPress is also the most hacked
into Content Management Systems of
all the current CMS systems.
Out of the 8,000 infected websites analyzed in a 2016 study by sucuri.net, 74% were built on WordPress.  You have to keep in mind, though, that with such a wide user base there is a lot more opportunity to hack. It also does not mean that the actual WordPress software is more vulnerable than other CMS sytems. Sadly, the manner in which most hacks occur is through the negligence of a website owner. The top reasons that lead to a hack are weak passwords and out-of-date WordPress software, plugins, and themes.
Consider that 30.95% of Alexa’s top 1 million websites run a vulnerable version of WordPress (v 3.6).  The current version is 4.9.7, by the way. The top 3 vulnerable plugins contributing to hacks, TimThumb, Gravity Forms, and RevSlider have had fixes available since 201l, Dec. 2014 & Feb. 2014 respectively, yet there are still websites running the outdated plugins to this day!
WordPress pushes upgrades on a regular basis, and will even email you if an important security update has been released. But just like your computer and cell phone, the updates do no good if they are not installed.
One more thing to keep in mind… outdated software, plugins and themes can also break your website or stop it from functioning the way it was intended.
Please, please update your website
at least once a month!
If you do not know how to update your website, please watch the video below. It is easy to follow along with.
In most cases you will need the FTP username and FTP Password to perform and update. Some webhosts will let you update without it though.