Self-custody isn't enough. Without proper opsec you are an easy target for hackers and governments—you will lose all your coins sooner or later.
Discussion
What are the first two things you recommend?
Phones are spying devices, getting a Google Pixel device and installing GrapheneOS on it, is the single biggest thing you could do.
Then go full open-source apps only; delete all your bigtech accounts, including Google; Always use VPN or Orbot(Tor). These are just the basics.