Opinions vary, but as for me, I concentrate defenses on the browser, and paying attention to what it's 'telling' me.
Since all OS's use the same protocols for Internet access, that means everyone is vulnerable to phishing, re-directs, XSS, and so on. And because of the astonishing power of JavaScript, non-system exploits could be included.
Because of it's incredible range of functions and built-in security, "NoScript" should still be used with Firefox.
One example is the protections afforded when using WiFi and SSL connections.
(See: http://hackademix.net/2010/10/27/forcing-https-with-noscript/
Linux is also subject to hardware failures and the rare system meltdown, and all users should institute a data backup policy.
For Ubuntu (others may be similar):
Bottom panel> Applications> U. software center> Accessories> Deja Dup BU utility> Install.
Make a folder on the desktop (or other loci) and direct the utility to send them there.
Within Deja> Edit> Preferences> b.u. location> other> generate (or select) a BU folder> double click.
After that, it will appear in Lower panel> Applications> Accessories.
It's pretty straight forward after launch.
Move results to alternate media for safekeeping.
2 copies are ideal: one on site; one offsite (in the event of fire, flood, theft, etc.)
If you use Firefox, you may want a separate 'folder' for the entire browser settings, bookmarks, etc. Have a look @ "FEBE" for that.
https://addons.mozilla.org/en-US/firefox/collections/dunbar-pappy/dunbarpappy/
There's also a decent assembly of other security/privacy items there.