With Google's new Privacy Policies going into effect soon, how can I better protect myself using their services?

The "privacy policy" of Google, and hackers, are mostly orthogonal issues.

The new privacy policy is about making clear to you, in a legal way, that Google may aggregate all your data, regardless of the "service" under which you made such data available to Google.

The "hacker risk" that you allude to is more about how a malicious individual, obtaining an illicit access to some of the machines within the Google network, could escalate that access into access to more machines within the Google network.

The only link between these two themes is that, in order to aggregate data from several services, the machines which host these services must be somehow linked together and let the data flow. However, it is highly probable that all the machines at Google's are already linked together with high data flows, if only to mutualize infrastructures, maintenance and backup tasks, and your data already flows quite freely. The new privacy policy is not about instituting new data flow processes; the data is already gathered and moved around. The new policy is about making it legal for Google to have a look at the gathered data.

Therefore, the new policy is unlikely to increase, or decrease, or alter in any significant way, the resilience of Google's systems to external malicious hackers. What the policy changes is that it allows Google itself to do some data mining and matching that would otherwise be considered as "bad".

(Presumably, Google is not evil -- if Google is evil, we are all doomed anyway.)

this makes me nervous as my info is now aggregated/centralized to many services - which for all I know they've been doing this for years - which provides many points of weakness.

Is this really a risk to worry about?

Absolutely. This increases the exposure of your data to threats external and internal to Google.

INTERNAL

Google has internal threats. No all bad guys/hackers/criminals exist in the outside world. The internal threat is one which is rarely talked about, but it is real and extremely dangerous. Even if Google provides excellent security against external threats the easy flow of your personal data between their services creates greater exposure to Google's internal threats.

Does this really provide more avenues for hackers to access google data, or is it nothing more to worry about before since all services used are encrypted? (at least I believe they are....)

Yes, as above it creates greater exposure to internal threats. It also creates greater exposure to external threats by making your personal data available to more services. The more services that are available to an external threat the greater the possibility of the threat finding a vulnerability.