The main issue of security is trust. There is already plenty of evidence that Microsoft and its software cannot be trusted. But trust is not black and white; it's a matter of degree. It's like the cool friend who's fun to hang out with and do drugs with, but who at the end of the day you wouldn't trust with your innermost secrets or to be there for you when you're in trouble. You should think of Windows as that guy. With that in mind, I'll outline a few principles I find useful when thinking about security and how to apply them to make running Windows safer:
1. Data compartmentalization - never, never, never trust Windows with *all* of your data. Only the data that is essential to run Windows. Keep anything important on an encrypted Linux partition. If you need to access this frequently, consider setting it up as a network share (SFTP, Samba) and make it accessible to Windows that way, since then you can control fine-grained permissions.
2. Threat modeling - always model the threats against you and their likelihood. It's highly unlikely that you're subject to targeted attacks by law enforcement or intelligence agencies (and if you are, you know who you are and probably shouldn't be using Windows for ANYTHING). Therefore you should trust Windows Update and keep your system up to date. None of this nonsense about blocking updates or running Windows XP. Your main threat is random malware spreading on the Internet, and the best defense is getting security patches installed as quickly as possible. Do not install software from unverified sources, especially pirated software, unless you can trust and verify its integrity. Otherwise you're just asking to get rootkitted and turn your botnet into botnet^2.
3. Auditing - it helps to periodically check your system to understand what it's doing. Run Wireshark to see what servers your computer is talking to. Audit your running processes and uninstall anything that's not essential. Run nmap for open ports and close those services.
4. Minimize attack surface - this was already alluded to above, but basically don't expose yourself to unnecessary risk. Install the minimum amount of software needed to use your machine and make sure that limited set is trustworthy.
Unfortunately security is a hard problem and most people want an easy solution. Security is a process and there is no single solution. Educate yourself, read up on InfoSec, set up good habits, and start thinking about where your information is flowing.
I'm sure some are going to argue that the decreased security of older versions is a good tradeoff to avoid the privacy implications of Windows 10's telemetry. But if you have followed data compartmentalization, you won't be giving Windows 10 any information worth snooping on. If you require privacy for a particular activity, use a technology you trust to keep you private. Or better, don't involve technology in that activity at all. Most technology is designed to relinquish your privacy.
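As an added example for the auditing principle above (not part of the original text): a local complement to an nmap scan that lists every listening TCP socket on the Windows machine with its owning process, executable path and Authenticode status. The column names and the "exposed means not bound to loopback" rule are choices made for this example.

```powershell
# Added example: audit listening TCP sockets on the local machine.
# Run from an elevated PowerShell prompt so process paths can be resolved.

# Sockets bound only to these addresses are not reachable from the network.
$loopback = '127.0.0.1', '::1'

$report = Get-NetTCPConnection -State Listen | ForEach-Object {
    $conn = $_
    # The owning process may have exited between the two calls.
    $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
    $path = if ($proc) { $proc.Path } else { $null }

    # Kernel and protected processes expose no path; report that explicitly
    # rather than treating them as unsigned.
    $sig = if ($path) {
        (Get-AuthenticodeSignature -FilePath $path).Status.ToString()
    } else {
        'NoPath'
    }

    [pscustomobject]@{
        LocalAddress = $conn.LocalAddress
        LocalPort    = $conn.LocalPort
        ProcessId    = $conn.OwningProcess
        Process      = if ($proc) { $proc.ProcessName } else { '<exited>' }
        Path         = $path
        Signature    = $sig
        Exposed      = $conn.LocalAddress -notin $loopback
    }
}

# Full inventory, network-reachable listeners first.
$report | Sort-Object Exposed, LocalPort -Descending | Format-Table -AutoSize

# Short list to review first: reachable from the network and the binary
# does not carry a valid signature.
$report |
    Where-Object { $_.Exposed -and $_.Signature -notin 'Valid', 'NoPath' } |
    Format-List
```

Anything in the second list that you do not recognize is a candidate for uninstalling or for disabling the service behind it.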