Infoworld has an excellent article on computer security.
To summarize it for you:
1- Patch the popular software first – and do it as soon as the patch is announced
2 – Don’t fall prey to the scams (social engineering) You are more likely to get scammed from sites you “trust” than those you don’t. Don’t EVER give information to unsolicited callers. Know what programs you have installed and ignore threat warnings from software you don’t recognize.
3-Don’t use the same password in multiple locations. If one site gets hacked, that password is added to the dictionary so it can be used to try to hack other locations.
4 – 2 Factor authentication has its benefits. Sure it is a pain in the butt, but if you are concerned about the security of your information/accounts, then the additional inconvenience is worth it.