There may be a point at which any cryptocurrency (whether Bitcoin or another) is held on exchanges/wallets run by small/new companies. The small players have limited resources. How do they ensure they are sufficiently protected? Why don't there be hacks every other day?
I'm pretty sure any decent company, regardless of whether they're small or big will have sufficient (or at least they claimed to be) security measures, such as offline storage, multi-sig cold storage, provide limited access to their hot/cold wallet, disallow their workers to click suspicious email etc. But at the end of the day, shit happens. The best thing end users can do is to not trust them to hold their money, and just use them for their business.