There are simple things to consider Secure WordPress Website

1 Get Proper WordPress Backup Solution
2 Hide the WordPress Admin and the version
3 SSL Certificate integration is important and it is easy to implement. Use Basic Domain Validation Certificate like Comodo Postive SSL
4 Choose Secure and Reliable Web Hosting
5 Update Wordpress version
6 Update WordPress Plugins regularly
7 Make your Login and Password complex
8 Turn of Database Error
9 Always have the daily backup. The Backup report also points out to any irregularity in the files or if something has a miss especially if a new file has come in without your knowledge. Use DropMySite backup tool.
10 If possible, hosts on a VPS server and take complete snap backup of VPS server.

The above is something that helped us managed umpteen customer with almost 99.9 uptime and help them in crisis too.