Step 1. Patch Dev - back up databases, patch, have developers test

Step 2. Patch QA / Int - back up databases, patch, have testers test

Step 3. Patch Prod / DR - back up databases, patch, have testers test

You can apply CU 11 (CU 12 is the most recent) or you could apply SP3 and then CU 11 and 12. CUs are usually hotfixes that Microsoft puts out for any known SQL bugs. These are usually applied if you encounter those bugs in your environment and not simply because they are out there.

To secure your environment you will want to make sure you have patched it for any security vulnerabilities that Microsoft releases patches for on a monthly basis. You can read more about those on the Microsoft website: http://www.microsoft.com/technet/security/current.aspx

The key to all of the above is TESTING.