Security through delegation vs security through obscurity imo here, follow simple things like use non-standard ports and your changes of getting hacked are likely shockingly low even if your behind on patches.
nmap, a standard pen tool, already sees through port mapping and other convenient obscurity tricks, there's just nothing like actually keeping your system up to date
I don't disagree with regards to "nothing like actually keeping your system up to date", but in terms of defense-in-depth, non-standard ports are not a bad idea. IIRC, people who have monitored the volume of attempts to connect on a open standard port and a nonstandard port are different by orders of magnitude. It won't help you much in stopping a dedicated human attacker, but it'll probably drastically reduce the number of automated attempts to attack your network device.
Security through delegation vs security through obscurity imo here, follow simple things like use non-standard ports and your changes of getting hacked are likely shockingly low even if your behind on patches.