As others have stated, macOS already has built-in protections that are adequate for the average user. Even if you want to install macOS updates on your own time, make sure that you at least have "Check for updates" and "Install system data files and security updates" enabled inside Software Update's "Advanced" menu. The first will alert you of any updates that Apple has released, the second option will automatically install the latest versions of XProtect and MRT, which are roughly the closest equivalent to the Mac having included anti-virus. XProtect blocks known malware when installing or running programs for the first time, MRT is Apple's automatic malware removal tool which operates without requiring user interaction.
Other than that, you can use "FileVault" to encrypt your system drive, enable "Find My" through iCloud to locate/lock your Mac if it is stolen, use a password manager such as the one already built into Safari, enable the Firewall inside system preferences, use a
DNS Profile such as Quad9 over HTTPS to block some suspect sites at the DNS level and to enhance privacy, use a quality ad blocker such as
AdGuard for Safari, and simply go through System Preferences, such as "Security and Privacy" to make sure you have the proper options enabled. Also, make sure to regularly check for updates to any third-party applications that you may use, since they can have security patches, as well. Ostensibly, programs downloaded through the Mac App Store should be more secure, since Apple has oversight over those files, but still be careful about what you download.
One tool that I can suggest is from Dr. Howard Oakley who runs the
Eclectic Light website and has written numerous articles, released useful utilities for Mac users, and has been doing so for many years. In order to make sure that you have important security settings enabled, as well as the latest versions of Mac files and patches installed, I would suggest installing his free
SilentKnight utility, which will give you an easy rundown of what protections are currently active and what you may want to enable to further protect your system. For instance, some advanced users will disable SIP (System Integrity Protection), and this can remind them to enable it. Also, unless you specifically need these settings lowered, make sure that
Security Policy is set to "Full Security".
So, keep macOS and your other software regularly updated, use caution when downloading and installing unknown programs, avoid dodgy websites, and make sure your Mac's built-in protections are enabled. That should be sufficient to keep your Mac safe and secure.
github.com
