Sign up for Drupal's security announcements - even if you are a beginner. One reason why Drupal's versions more quite fast say 5.7 to 5.12 is because of security updates.

Like Drupal says 'We've got your back covered!' So why not take advantage of this.

In an open community like Drupal, once anyone detects a flaw, they inform the Drupal security team - a 'patch' will be created and/or new version update may be necessary.

Usually the security flaw relates to the (many) contributed modules (third-party modules). So the more contributed modules you use, the more you must monitor the security announcements.
Use those more 'established' (for lack of better word or 'tested') contributed modules.

The security-risk is also highlighted eg. Highly critical.

If the core modules have not been affected you usually do not have to do anything.

Of course sometime Drupal's core modules may also have a problem.

Remember: Signup for Drupal's security announcements. Create a folder in your email like 'drupal_security' and keep the announcement there.

To learn how to upgrade your Drupal 5 Versions, see here.

The worst nightmare for a webmaster is when you site has been compromised or hacked.