If you want your data secure when your Laptop is stolen, it isn't sufficient to use FileVault. The problem with FileVault is that anybody who "finds" your laptop can look up your login password in the swap file (/var/vm/swapfile*) and use it to decrypt your encrypted FileVault disk image.
A possible solution for this would be to exclude the memory area that contains the password from swapping by using mlock (like gnupg does), but for some reason Apple didn't do this. Also this would not prevent any other important information in the memory (emails, letters, ...) from being written to the swap, so there is still a chance that the thief will find something interesting in /var/vm.
The most secure solution is to encrypt the whole swap directory. On OS X this can be accomplished by creating and mounting
a disk image with a random passphrase on boot and executing
dynamic_pager with the mount directory as the
argument.
Important: this doesn't work very good in practice. After a few minutes your system will crash, probably that's a(nother) bug in OS X.
To use an encrypted disk image for the swap you have to do the following:
EncryptedSwap to
/System/Library/StartupItems.
/System/Library/StartupItems/EncryptedSwap/EncryptedSwap.
sudo su), open the file
/etc/rc with a text editor (e.g. nano) and write a "#" in
front of the line "dynamic_pager -F ${swapdir}/swapfile".
swapfile0 in /var/vm/encrypted.