So, we need to know how to manage our wallets too and have a strong antivirus to protect us from hackers and also we need to know the latest threats from cyber criminals so that we can protect ourselves away from them.
In my opinion, there should be a dedicated PC based on some well-maintained Linux distro (probably on Windows 7, but NEVER on Win10), on SSD supporting TCG Opal technology, and the most important point is that you will use this wallet-PC only for operations with cryptocurrencies. The only web browser you will use there should be TOR browser. Also, you should be a paranoid about passwords and also be a retrograde about storing your passwords. We can talk a lot about it, but in a nutshell you should come up with passwords of 10 characters and longer, as random as possible. Write it up on paper, in two copies stored in different places safely.
So on that PC above you should set up at least three passwords: 1
st for SED-drive unlocking during boot, 2
nd for your OS account, and 3
rd for your wallet. BTW check that your wallet can be unlocked with password you have just set prior to sending any funds on it's address.
Buy two flash drives with hardware encryption support for storing wallet files and private keys. Protect them with two different passwords. Be a paranoid.
If you still did not know about it - your passwords should not be repeated anywhere and never. Use 2FA everywhere. Store backups of 2FA keys on paper.
And more, and more...