"Since the tools for Linux are generally excellent and the runtime cost is zero, it's clearly going to be the defacto choice unless there is a reason to choose differently."
There is good reason and it's not even systemd. I don't see any of the current OS architectures, either Windows or Unix-like, offering the defensiveness needed under modern conditions. I think that over the next few years we're going to see a new architecture that places more emphasis on security. It's all very well providing perimeter security to try to keep invaders out. Let's not assume that we can do that all the time because PEBCAK won't let us. So what can we do to minimise damage if they're in?