The largest risk with cryptocurrency is that online exchanges are vulnerable, as mentioned, to hacking they say. I know some may already experienced this kind of problem, and I wonder how you manage to solve this.
It's pretty simple.
1. Don't leave funds unnecessarily on exchanges; only leave funds that you are actively trading.
2. Use the reputable exchanges for potentially lower probabilities of the exchange getting breached.
As for accounts in general?
1. Use a password manager
with a very secure master password.
2. Don't reuse passwords.
3. Keep passwords at max length(and variety of characters).
4. Don't download shady crap.
Using a VPN isn't really going to help you that much in terms of security though. VPNs are mostly for privacy purposes; though I'm not sure with SurfShark. I'd personally recommend Mullvad.