Year and a half taught us that WordPress security shouldn't be taken lightly by any means. Between 15% and 20% of the world's high traffic sites are powered by WordPress. The fact it is an Open Source platform and everyone has access to its Source Code makes it a prey for hackers.
The secure your wordpress website Codex has an outline of what permissions are okay. File and directory permissions can be changed either through an FTP client or within the page from your web host.
This is great news because it means that there is a community of users and developers who could enhance the platform. However there is a group there will always be people who will attempt to take down them.
Should you ever wish to migrate your website elsewhere, such as a new hosting company, you'd be able to pull this off without a hitch, and also without having to disturb your old site until the new one was set up and ready to roll.
Another step to take to read this make WordPress more secure is to upgrade WordPress to the latest version. The main reason for this is that there come fixes for old security holes making it essential to upgrade.
The plugin should be updated have WordPress, play nice with your plugins and to stay current with the latest WordPress release and restore capabilities. The ability to clone your site (along check my source with regular copies ) can be useful if you ever want to do an offline website redesign, among other things.