[Hackbraten]

The first thing I’d do is to build a threat model.

What kind of threats are you trying to protect against?

Drive-by exploits in the browser? Spearphishing? Software/hardware supply chain attacks? Those are just general examples.

[devShark]

I do not have anything specific in mind, because threats are constantly evolving. I am clear that you can never be 100% safe. But I am looking to protect myself as much as is reasonably possible.