You can continue to create static sites first. In fact, that's what I do regardless of which CMS I end up using. I don't code all pages, just a handfull or so. Others can be done within the CMS, especially if some pages are extremely similar in terms of content structure, then it is indeed faster to code one page and then translate the rest of the pages within a template of the CMS of your choosing.
With WordPress, you should be extremely careful in regards to plugins. Make sure that whatever plugins you use, that these are of a high quality. Most aren't, so research on the net first, look at the comments, reviews, etc. on WordPress' plugin repository before installing anything. Plugins are one of the main causes for security issues and other hiccups.
Try to keep your WordPress install as clean and updated as possible at all times.
Do a search on WordPress security and implement some of the safety measures described.
There are a few books that touch on the security issue as well and there's a website that lists WordPress plugins that contain security holes, unfortunately, I forgot what the site was called. Maybe someone else can jump in.
If you want to use WordPress, I recommend that you use a "naked", barebones theme, ie something like Starkers. Once you advance and are more comfortable with WP, you might want to create your own barebones theme.