As of now, WordPress is powering 48 of the best blogs on the Internet. Aside from this, WP is powering 19% of the net as a whole. It means that WordPress is actually trusted by a lot of people whenever they want creation of sites and blogs.
By default, the latest version of WordPress is pretty darn secure. Anything that might have been added to some fix wordpress malware removal plugins has been considered by the development team of WordPress . In the past , WordPress did have holes but most of them are filled up.
Also, don't make the mistake of thinking that your hosting company will have your back as far as WordPress backups go. Not always. It has been my experience that the company may or might not be doing backups, while they say they do. Take that kind of chance?
Yes, you want to do regular backups of your website. I recommend at least a useful site weekly database backup and a monthly "full" backup. More, if at all possible. Definitely more if you make regular additions and changes to your site. If you make changes multiple times every day, or have a community of people which are in there all the time, a backup should be a minimum.
So what's the best way? Out of all of the possible choices that are available today, which one is right for you personally and which route should you choose?
There is another problem you have with WordPress. People always know additionally they could just visit your login form and where they can login and try a different combination of user accounts and passwords out. In order to prevent this from happening you want to install Login Lockdown. It's a plugin that lets users try and login with a wrong password three content times. After that the IP address will be banned from the server for a certain timeframe.