I'm telling people not to panic
The truth is, whether you are speaking about XP or any other Microsoft OS, the security on them was never great. What kept XP "safe" was good web hygiene, a firewall, (preferably one software, one hardware on a router), an up to date anti-virus product, an anti-malware product, and keeping away from the parts of Win XP which talk directly with the internet which Microsoft stopped upgrading, which is Internet Explorer, and Outlook Express or Outlook, and maybe Office.
Most anti-virus companies are continuing to support XP for years to come (including free ones), even Microsoft is keeping Microsoft Security Essentials updated for XP for the next year or two, although it almost always comes out as the bottom protection in AV tests, so I'd avoid it. There are several updated web browsers and email clients (I use Firefox and Thunderbird). Oh, also turn off JAVA. It has been a massive security problem. Make sure you keep up to date with your AV and malware software and any updates to Adobe Reader and Adobe Flash, since they also create vulnerabilities.
It isn't a perfect solution, but we know all Microsoft OSs are swisscheese when it comes to security. What I find interesting is many businesses and banks are not leaving XP, and you'd think they would be much more concerned.
The other consideration for some would be to use your XP system off line for whatever you need it for (storage, documents, word processing, images, videos, etc) and then use a tablet for your on line surfing, email, etc.