An interesting (and entertaining) episode of the Shop Talk Show about website security.
I wouldn't say, that I understood it all, but the concepts of securing measures and what they protect against is rather comprehensible (plus there are a lot of nerdy abbreviations, that just sound important ) Like some code in the head of a site that sort of whitelists which scripts are allowed to be executed and which exact assets may be loaded. Its about stuff form a CDN like JQuery, cookie jacking and man-in-the-middle attacks and about the fact that very few people understand that stuff really well. So if someone out there wants be become an well payed expert on something… .
Obviously there are a few things one could do to secure a site. Not only for big corporation sites but even for personal blogs. Starting with testing your site at the Mozilla Observatory.
Maybe for you pros this could be of some interest.