netmeg - 1:25 pm on Nov 4, 2013 (gmt 0)
Use a good host - not a cheap host.
Keep WP up to date (a lot easier now; the latest version of WP updates itself - I have issues with that, but overall it's probably a good idea for most)
Use well known, well vetted plugins, and personally I don't use anything that hasn't been updated in the previous six months.
DON'T have any more administrators than you absolutely need - you wouldn't believe how many installs I work with where everyone in the company has admin access, and half of them aren't even working there anymore. Or they hired some kid to fix something, and left him in there. If you have to give someone admin access to work on something, revoke it when they're done.
Personally, I don't think the security plugins give you anymore real security than the above practices, and they can get in the way of other necessary functions (like cache) But if you feel you need it, g'ahead.