Always completely switch off your computer and lock your computer safely away, even if you just visit the bathroom. Screen saver locking or putting the laptop into sleep mode is not enough (Cold Boot Attacks). https://blog.f-secure.com/cold-boot-attacks
Don't display anything important on your computer screen (Van-Eck-Phreaking). https://twitter.com/windyoona/status/1023503150618210304 http://www.eweek.com/security/researchers-discover-computer-screens-emit-sounds-that-reveal-data
Don't type in anything important on your keyboard or touchscreen. http://www.eweek.com/security/researchers-discover-computer-screens-emit-sounds-that-reveal-data
Install USBGuard to protect against unknown USB devices.
(Note that USB IDs and serial numbers of USB devices can easily be replicated. Once an attacker knows the type of USB device you are using, and its serial number, USBGuard can easily be bypassed. That means: Never lend someone your USB stick, never accept a USB device from untrustworthy persons ... which means anyone.)
Always use fingerprints to identify certificates for important web services. Don't rely solely on CAs. https://www.theregister.co.uk/2018/09/06/certificate_authority_dns_validation/
Ubuntu Security https://www.ubuntu.com/security
End User Device Security Guidance for Ubuntu 18.04 LTS from the National Security Center (a part of GCHQ) https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1804-lts