WordPress Security Needs to be a Priority for every WordPress Website
For every new WordPress website I am hired to build, I quote WordPress security as part of the web development estimate. When I start a new project, the first thing I do after installing WordPress is fully secure it. I do this before installing a WordPress theme or installing any other plugins.
You would be surprised at how many WordPress sites get hacked on a regular basis. Because of this, WordPress sometimes gets bad press about not being secure. With just a little bit of effort up front tough, it is easily prevented. (All of my personal websites run on WordPress and none have been hacked.) Consider buying a new computer. You tweak and configure it when you first set it up. You install antivirus software and firewall and then keep software up to date when new updates are released. Similar practices should be done when you install WordPress. You need to secure WordPress (also referred to as hardening WordPress) to keep it safe.
People often hire me as a freelancer to fix hacked WordPress websites and then secure WordPress so it does not continue to happen. My advice is to be proactive rather than reactive by addressing hardening WordPress up front before your website is infected. I think the best WordPress security plugin is WordPress iThemes security. There is a free version that has tons of features. If your not careful though you can lock yourself out from being able to access your website or admin area.