As above, while protecting the device itself is a good start, you should also be aware that you may be sending unencrypted credentials over the link. These are very simple to sniff. Use a free VPN to connect to a backbone service that ensure the wifi part of the transmission at least, is protected.
I’d always advise being fully patched as well, that’ll be one of the biggest steps you can make in protecting your device on open networks.
A final point is making sure you are really connecting to the WIFI point you think you are. It’s a relatively trivial matter to spoof an access point and provide a false sense of security.
And for general personal WIFI protection while we’re here.
Never use WEP encryption, use WPA2 if possible.
MAC address filtering is trivial to bypass.
Password length is the best step you can make in securing your own WIFI. Forget that complexity rubbish, make it as long as you can endure. 20 characters at least.