Bitcoin is not vulnerable to theft but maybe your wallet, the bitcoin on your wallet can be stole by just hacking. Using a hardware wallet is assured to safe your bitcoins so that no hackers can access to you wallet. Use two authentication when loggin in your wallet to avoid wallet being hacked.
Bitcoin itself is secured by maths. The probabilities of you generating a random priavte key and this private key being used before is extremely low, much lower than someone guessing your password since they have clues of what it might be(your name, your birthday, etc.).
The most vulnerable part to theft is the environment which you are storing your bitcoins in. So you're completely right to either use a hardware wallet or a paper wallet for any kind of large sums, otherwise you may be hacked quite easily.
Basically protect your wallet just like it's real money, even though it may not have any bitcoins in there yet. Never use exchanges as a wallet or any hosted wallet services, as you don't have access to your priavte keys and they can exit scam quite easily.