Windows 10 is the latest and greatest operating system from Microsoft. It still need help to become more secure.
Securing the Boot up Process
Windows 10 Secure Boot prevents rootkit attacks, where malicious code attempts to tamper with Windows before it boots, before antivirus and other system defenses load. Microsoft introduced features to protect the Windows kernel and privileged drivers in previous versions, but Secure Boot enhances those measures to prevent system tampering.
If your PC is a recent one, you will have what is known as UEFI Firmware that support Secure Boot. This allows the PC to check the signature of each piece of boot software to ensure they are not compromised. Make sure you enable this.
Secure boot is supported by Windows 8, Windows 8.1, Windows 10, Windows Server 2012, Windows Server 2012 R2
Set Windows Defender Built in Antivirus blocking to High
Windows Defender Antivirus ships with all versions of the Windows 10 operating system. Versions included with the Windows 10 Creator Update version 1703 or newer in 2017 allow you to set the blocking level to high. Be sure to do this.
Windows 10 Wi-Fi Sense
Windows 10 will by default, share your Wi-Fi network password with any contacts you may have listed in Outlook and Skype, and with your approval, your Facebook friends. This is intended to solve the give your friends access to your home Wi-Fi problem. The problem is, it can lead to compromising your Wi-Fi password.