An unsecured wireless Access Point (AP) is risky to you, your personal data, your computers, and to your Internet Service Provider. If another person uses your unsecured AP for illegal activities you can be held accountable and be responsible for the actions of that individual(s). Anyone using your wireless connection has the potential to create problems even unintentionally. Using just WEP, TKIP, WPA/WPA2, or MAC address filtering is not enough to secure your WLAN. WEP protection is paper thin and WPA can be insecure if not setup properly. A secure WLAN requires at minimum WPA or TKIP with a 20 character or more passphrase. An even better solution is using WPA with AES instead of TKIP, or WPA2 which requires AES. You should still use a 20 character or longer passphrase to help ensure strong security. You may need driver updates or even a new client and/or wireless access point to make use of WPA, AES, or WPA2. To further increase the security of your wireless network, use WPA or WPA2 in combination with MAC address filtering and configure your wireless access point so it does not broadcast the SSID.
Using a firewall at home will definitely provide an added layer of protection. Most wireless access points (the ones called routers) act as a reasonable firewall to protect the computers inside your network. Additionally, all current operating systems have built-in firewalls and, when fully patched, are turned on by default. This includes Windows, Mac OS X and Linux distributions.