This is really great advice and there really is nothing much that can be added to it. I like at the end how you added that people should never store a significant amount of coins in exchanges because a lot of people make this mistake using exchanges as wallets
I will have to disagree with you soon. I seen that Blockbid exchange that is in beta testing is one of the first to be fully covered by cybersecurity insurance.
But they're not decentralized as they're fully compliant with the AML/CTF guidelines outlined by AUSTRAC (Australian Digital Currency Agency).
I feel once the exchange is up and running and knowing that what coins you have on there will be insured if it gets hacked, it will be a safer option.
But if you like to control it in a decentralized way then the option the OP gave are spot on.