macOS

Apart from the obvious like setting a password etc…

• Turn on FileVault to encrypt your drive: Privacy & Security > FileVault
• Turn on your firewall: Network > Firewall (then periodically click on ‘Options’ to check those in the list of incoming connections).
• Enable end-to-end encryption of iCloud data: iCloud > Advanced Data Protection

Oddly - none of the above is on by default!

• Install LittleSnitch to allow/disallow connections to the web (there are free alternatives)
• Set up Time Machine backups (encrypted and usually run two and keep old copies)
• Check Privacy & Security > Files * Folders to see which folders your apps can access
• Check Privacy & Security > Full Disk Access
• Check Privacy & Security > Accessibility to see which apps can ‘control’ your Mac
• Check Lock Screen > require password after screen saver begins immediately/whatever you require
• Check General > login items for apps/services that automatically start at login
• Check your folder permissions (particularly if you have added any to you home folder). Folder > right click > info (should be you > Read & Write and everyone > no access)
• Privacy & Security > Advanced > log out automatically after inactivity (means a password would be required instead of just Touch ID)

You may also want to look at Apple’s new Lockdown Mode, which they say can offer extreme protection.