1) Regularly reset all the password with combination of special characters,alphabets and numbers for all Email/FTP accounts.
2) Make sure you are using latest version of all plugins.
3) Remove all vulnerable plugins or the plugin which has security issue.
4) Make sure that you are using latest version of the theme and purchased from trusted source.
5) Make sure that there are no unnecessary/unknown files uploaded in your account.
6) Avoid writeable file/folder permissions. The correct permissions are normally 755 & 644. You can manage these permission from your hosting account File Manager.
7) Make sure that your local system from where you are managing your accounts is not infected by virus/trojan/malware/keylogger.