I've had two WordPress blogs. That was at a time when I was doing virtually no internet marketing, and until I found time to deal with the situation (weeks later), these sites were penalized in the main search engines. They were not eliminated the evaluations were reduced.
By default, the newest version of WordPress is pretty secure. Anything that might have been added to some fix wordpress malware protection plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but now most of them are filled up.
Do not depend on your Web host - Many people rely on their web host to"do all that technical stuff for me", not realizing that sometimes, they don't! Far better to have the responsibility lie rather than out.
Yes, you need to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More. If you make changes and additions to your website, definitely more. If you have recommended you read a community of people which are in there all the time, or make changes multiple times every day, a backup should be a minimum.
So what's the best way? Out of all of the choices that are available today, which one is appropriate for you and which path should you choose?
Oh . And by try this out the way, I talked about plugins. Make sure it's a secure one, when you get a plugin. Don't install any plugin just because the owner is saying that plugin can help you do that or this. Use a test blog to check the plugin, or perhaps get a software engineer to analyze it carefully. This way you'll know it is not a threat for you or your business.