Others have said it before but basically : what is YOUR (not me, not your best friend, nor your colleague, etc) threat model?

To clarify that means WHO is actually trying to threaten your security?

Typical for most people it would be :

• scammers trying to get pieces of your identity or your local cryptocurrency wallet or resources they can use to repeat that on to others.

For some people, like activists or political journalists it would be :

• national actors, e.g. governments, with their surveillance apparatus, who might end up on a list with a set of conditions that would trigger some automated scan to get e.g. Signal logs

For very very few people, say Edward Snowden, who within the previous group actually did trigger some action :

• actual team of hackers trying to hack into their devices

So as you can imagine if you are part of group 1, 2 or 3 then way you will protect yourself is totally different. What you will also have to protect is also different, e.g. if you have no cryptowallet but are traveling you might have to protect your phone physical phone and its data.

So… if you are serious about this, take a cybersecurity class. There are plenty available but how a computer works, software and hardware alike, is precisely what makes them simultaneously powerful and also dangerous. There are plenty of ways to break security (e.g. return oriented programing), plenty of ways that practically impossible (e.g. encryption) due to the very nature of computers (i.e. computational complexity) which IMHO makes this one of the most fascinating topic. Ask yourself come the credit card in your pocket (costing few bucks to make) can’t be cracked by the largest super computers (costing billions) on Earth?

TL;DR: no offense but you don’t seem to be ready for the answer without getting the basics first.