One of my favorite site for showing how prevalent cyber attacks are and note who is attacking or being attacked is to visit the Norse interactive real time threat map. http://map.ipviking.com
If you watch this long enough you can get a pretty good visualization of the threat landscape. Keep in mind this only show where the illicit traffic is going to or coming from. It does not show if these were successful or the results from potential penetration. Important though is that the traffic is significant and the odds are very much against you that somewhere along the line someone will eventually find a way in to your site or IT infrastructure.
The key here is to take as many proactive measures as possible to protect and fortify your systems.
Step one: Regardless of where you are in your organization learn about the various kinds of threats and how they could potentially impact your organization.
Step two: Identify the best tools and talent for protecting your assets and reducing risk if an attack on you is successful.
Step three: Have a recovery and response plan. Make sure there is a clear authorization, communication and accountability plan for resolving incidents effectively and efficiently. Remember most often a response will be required in the least convenient times for you and your response team.
Step four: Have a clear follow up plan so you can implement proactive preventative measures in the future and have documentation of lessons learned.
It is imperative if you are a business owner or manager that you you remain involved in the strategic planning and prioritization of security in your business plan. However, most often you are busy running your business and supporting your customers. This means you just need your site to run smooth and have someone looking after and monitoring the state and condition of your web site and IT infrastructure. This is where a carefully matched service provider can assist you in getting the best protection and response plan in place. They can monitor and help you maintain your online assets to protect from costly downtime, intrusion liability, potential public embarrassment or interruption of service to your customers.
In conclusion I would highly recommend that you take the time to carefully craft a security response plan and hire a professional team to help protect and maintain your online programs. Like they say it is always quietist before the storm so it is better to plan ahead vs having to figure this out in response to a crisis.