I'm a big fan of Wordpress, since it's one of the easiest ways to design a fully featured website within an hour.
That said, because Wordpress is open source hackers just love to hack it, and will if you forget to upgrade your core script or plugins on a monthly basis.
That said, my favorite plugin is Bulletproof Security. The downside is that Bulletproof security can be daunting to install until you figure out the order of setup.
I've made a video showing how to install Bulletproof Security here, http://youtu.be/xFVLRzoEitA
If you have any comment or recommendations I'm all ears.