Keep your Joomla site updated!
The Joomla Development team are amazing when it comes to responding to security issue regarding Joomla. To fully benefit you need to ensure you are as well. Always keep your Joomla site up to date, and be sure to subscribe to the Joomla Security News Feed: http://feeds.joomla.org/JoomlaSecurityNews You can even subscribe via email.
Next, ensure you patch your installation when security patches are released. The official way to do this is outlined here: http://docs.joomla.org/Upgrading_1.5_from_an_existing_1.5x_version
Now, on to the next VERY important subject, hosting, please read on here: Joomla Hosting
There are plenty of other Joomla security tips available, but it really comes down to two main things:
Joomla Hosting is discussed in another article, so be sure to read that as well. It's here: Joomla Hosting
We've explained the subject of Joomla Security above and the need to always keep your installation secure in this way. However, DO NOT assume that that is all you need to do. An insecure and out of date component can also open your site up to security vulnerabilities. Don't be afraid though, most good 3rd party developers have excellent security records and just like the Joomla Development team, have ways of notifying you of updates and secuirty patches. Be aware of this, and your 99% of the way there.
So, you've read this far already.. have you subscribed here yet: http://feeds.joomla.org/JoomlaSecurityNews ?