Via the use of a how to fix hacked wordpress backup plugin, the best way to ensure your WordPress security is in my opinion. This is a fairly inexpensive, easy and elegant to use way to make certain your website is accessible to you.
A simple way is to use a few tools that are built-in. To begin with, do not allow people run a web host security scan, to list the files in your folders and automatically backup your entire web hosting account.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if possible. Definitely more if you make changes and additions to your site. If you have a community of people which are in there all the time, or make changes multiple times every day, a backup should be a minimum.
It is really sexy to fan the flames of why not find out more fear. That's what bloggers and journalists and politicians and public figures do. It's great for readership and it brings money into the war chests. Balderdash.
These are some of the things I do to protect my blogs. Thing is they don't need much time to perform. These are also simple solutions, which can be carried out.