That is to say, what specific cares and concerns might Holoport operators have regarding the maintenance of their Holochain (security)?  Should operators presume at least some sort of cursory knowledge regarding web-hosting in general?"  

Our hope is to make this as automated as possible. It starts with nixOs as the operating system for the HoloPorts—deterministic, hashed, automatically upgrades to prevent unwanted code execution on the device itself, and keeps itself up to date as far as security patches are concerned.

The management of cryptographic keys on the device will be a prime responsibility of the operator.

Regarding DDoS, we will be implementing mitigation strategies on individual nodes as a matter of course, but realistically, what does a distributed attack look like in terms of a distributed hosting platform? How many nodes do the attackers control relative to the number of hosts in your network? The distributed nature of Holochain itself is resilient to DDoS attacks.