Encrypted wallet, VPN, sandbox, don't use TeamViewer or other cloud services on your staking machine. Common sense, done.
While they all deter a theif anyone determined to get your wallet is going to get around those measures.
Your staking wallet makes you a target and ARCH users are OK with being hacked and will all agree it is the victims fault they lost their investment in Arch.
So best way to become and ARCH CEO is to just steal wallets it seems. ARCH management seems ok with this.
Please explain to me how this combination of measures would be circumvented -- you're shouting at the ground. Which of these measures did you have in place when your coins were stolen? Any of them?
Try posting your credit card information up on Facebook and see how helpful they'll be in chasing down whoever uses it.