Website maintenance falls into two categories:Content updates to keep it topical and currentSoftware updates to keep it secure and stable in an ever changing environment
The first one is usually given priority by most small business website owners and current content and regular updates are important for all sorts of reasons like search engine optimisation and keeping your customers up to date. But really, keeping your hosting and site software up to date should take priority in the interest of keeping your website secure.
Quite simply ... if it's out of date the hackers will know the vulnerabilities and will know how to get in. All they have to do is find your site. Updates and patches 'plug those holes' and it's important that they're installed regularly.
Most small business owners mistakenly think that their website is low profile and unlikely to be a target and take a 'why would they bother with my little website approach?' I liken it to a situation I experienced a few years ago where my modest and ageing hatchback was broken into while parked in between two very high end and very shiny new cars. Quite simply mine was easier to get into. The other two were secure with alarms and far more up to date and sophisticated security.
Every website is potentially a target irrespective of it's size and out of date software just increases the risk because it's an easy target. Cyber crime is big business and the reasons for hacking into a website are many. If you want to know more about why, you can read about it in an earlier post 'Why do hackers hack?'.