I wanna mention 4 rubbish advises:
1. Recommending system hardening, HIPS (&HIPS-like) utilities, or any other sort of programs that wait on user to take a decision.
This is either a security or usability disaster and is guaranteed to bring you calls 3:00 in the morning.
Security is professionals' s job, it's not for users to decide what's good and bad.
2. Recommending users to install too many products at once.
Just one product from a reputable company is enough for a home user, when combined with an ad-blocking extension and VPN. Overdone combos are unlikely to improve anyone's security posture and are likely to bring unworthy performance hit, bugs and weird situations that not everyone can handle.
3. Don't worry about malware, it's a Mac.
MacOS might be more secure than Windows by default due to its limitations, but is far cry from being invincible. Anti-Phishing and anti-malware tools should be ran at all times.
4. Don't worry, you're not famous, nobody will target you.
Whilst home users are really, far less likely to be the target of advanced and sophisticated attacks, measures should still be taken to insure information and identity are as secure, as possible.