Hopefully the previous page describing some of the issues with Web application security has you a little concerned. That might sound mean but many of my clients neglect Web security until they are actually attacked.
So, what can you do:
Perhaps the first place to look for guidance as to the threats to your Web application is the OWASP Top Ten whilst it won't help you sleep at night, it will give you a great insight as to the primary threats and some solutions to them.
You might also want to consider somethink like Learning Tree International's Web Application Security course. As the editor of the course, I do have a vested interest but it does provide a painless introduction to both the issues and their solutions.
Once your developers understand Web application security, they can begin to protect your application. You need to implement processes to ensure that security is considered at every stage in the life-cycle of you application. The resources above make a good starting point. If you wish for external support then do contact us.