Wait, this thing is still around? Anyway, the best way to "secure" your wallet without really securing it, is putting it on a computer that never gets used for anything. Build a computer, put an OS on it, then just put a wallet with whatever dependencies needed with it and there you go. If Windows, keep it updated through windows updates, linux with its package manager, but don't do anything else with it. Now it is (for the most part) only vulnerable to attacks from other computers on the network. But if it's also on its own network, then you're golden. Not immune, but it's a massive step forward, and encryption isn't even needed. Only turn the computer on when you need to take coins out of the wallet.
A barebones machine like this, that has never even opened a browser, would indeed be about as safe as you could get. More safe than any machine with any antivirus that has connected to the internet at some point.
Even with this barebones setup...
Isn't sending from or receiving to the client also a potential vulnerability? If so, then what is the benefit of cold storage clients?
Can your computer get infected with a trojan when the Bitcoin client connects to the internet or are viruses only transmitted through browsers?