Is your website a liability?
A few weeks ago I had a chat about the state of Internet security with a friend who runs a hosting company, and he told me that the majority of the websites they host are cracked. This is because people just install a forum/blog/gallery/etc software, but most have no idea that such installations have to be constantly "security patched". Then, sooner or later someone finds an exploitable bug in that particular engine, and then their website is used to send spam, facilitate phishing attacks, host viruses, or worse.
The so-called "script kiddies" facilitating these attacks are (A) teenaged kids who have watched too many hacker films or (B) cynical professionals working for spam lords. And although neither are good enough to write malicious code themselves, they can download ready-made tools from the Internet (batteries included), and just use search engines to find installations of a particular software. Try it for yourself. You can click here to start a search on Altavista that finds about 175.000 websites that run, for this example, PhpBB, a well-known forum software. (It's also interesting to note that Google and Bing both block queries like this. There's a reason for that.)
So how to avoid this fate for your website?
It's actually easy, just needs a little change of mentality. One has to accept that websites do have a maintenance cost, be that in time (if you do it yourself), or money (if you have it done by somebody). In CFO-speak, websites have OPEX besides CAPEX.
This is also the reason why your web developer's $75-$200 hosting and maintenance fee is not comparable to the $8 hosting plans you can find, because one contains monitoring, backup, and security patching your website, while the other is just renting some space on a $600 budget server with a $60 internet connection and share it with as much as 730 other websites.
So people, update your websites. Or delete them, if they are not used anymore. Do everything to avoid the embarrassment when someone visiting your corporate website gets transferred to a russian porn site, or gets alerted by his browser that the "website is not safe".