I think its missing a few fundamental areas:
- Use a separate airgapped computer to manage your cold storage / wallets
- Use linux on that computer and never ever download any other software
- Use virtual machines for each wallet so if you download a fake wallet so it can only access the single wallets assets
- Encrypt disks of that computer
- Store seeds and pks redundantly in at as least two physical locations (on paper)
- Encrypt those seeds and pks with a word or something similar that only you know
- If you need to withdraw funds (why would anyone ever) connect to the internet only for a few minutes from a vm with that single wallet and do the transaction. Immediately disconnect.
- Only use a lan cable from that computer, deactivate wifi, bluetooth and any other wireless interface.
There are probably many more measures. The thing is, there is no too secure in crypto and many peoples lifes will be destroyed due to hacking in the next century.