I have had two WordPress blogs hacked into in the past. That was at a time when I was doing very little internet marketing, and until I found time to address the situation (months later), these sites were penalised in the search engines. They were not removed, but the rankings were reduced.
I back up my blogs frequently using a plugin WP DB Backup. I will restore my blog if anything happens. I use my site to be scanned by WP Security Scan plugin that is free and asks to be blocked by WordPress Firewall to fix hacked wordpress.
Safeguard your login credentials - Don't keep your login credentials where a hacker might find them. Store them offsite, and even offline. Roboform is very good for protecting them, also. Food for thought!
Keep your WordPress Installation up to date - One of the simplest and most valuable tasks you can do yourself is to ensure that your WordPress installation is upgraded. WordPress gives a notice on your dashboard to you, so there's really no reason.
Can you view that folder, Imagine if you visit WP-Content/plugins? If so, upload this blank Index.html file into that folder as well so people can't view what plugins you have. Because even if your existing version of WordPress is official site up to date, if you are using a plugin or an old plugin with a security hole, someone can use this to get access.
The plugin should be updated have WordPress, play nice and to remain current with the latest WordPress release and restore capabilities. The ability to clone your site (along with regular copies ) can be useful if you ever want to do an offline website redesign, among other things.