Friedhelm Becker: It is entered at no cost to a victim’s system, but may become expensive to cope with it. What to do about it?
Forbid the load of any malware! Even recognizing malware requires to load it first. But this options means to completely isolate the system, Therefore it is not a really meaningful step in a time, when everybody is asking for connectivity.
Prevent malware from execution! This is my preferred approach. The first case of malware, I handled, happened in 1974 – so we are not talking about an outcome of the internet. Since the hack that left RSA and lots of their clients as victims, I developed attributes for a cyber-save hardwar architecture.