For many small business that operate in America, there is no reason to allow the entire planet access to business resources. Sure, SMTP and WWW traffic can come from anywhere, and you should keep that in mind, but that isn’t a compelling reason to allow everyone in China access to your accounting system, or that “Remote Desktop” connection that you recommended against but they had you configure anyway.
Simply blocking a handful of countries at your networks edge can lower Probing and Attacks by 60%. In the Akamai “State of the Internet” Report Q4 2014 41% of attack traffic originated from IP addresses in China. That is 3 times more attack traffic than traffic that originated in America. Tack on 8 others from the top ten and that would block 60% of attack traffic.
There are plenty of resources on the internet that turn creating the rule sets into a trivial task. Some are free and some are not. The free sources include IPDeny.com which maintains updated country network block files. Wizcrafts.net has formatted those lists into some popular formats. I am launching another free resource in ACLBuilder.com. There I aggregate lists from multiple locations around the internet and output them in many popular formats as well. More formats and more sources are being added all the time.