I saw that article yesterday and I think what they've asked the experts to weigh in on is way too broad of a topic. They're not talking specifically about malware, as much as they're discussing security in general. A number of the experts are again espousing the same story of "security through obscurity", which has been proven time and again as a myth.
Without getting into the seminal matter of Mac vs. Windows, I will simply present some facts that should allow anyone to make an informed choice as it relates to the topic of this thread, Anti-Virus and Firewall.
1. There are no known viruses in the wild for Mac OS X.
2. There are two trojans (very different from a virus in that they use social engineering to convince an ignorant user to install them). Both of which are blocked by measures built into 10.6.
3. Mac OS X uses a state-of-the art Discretionary Access Control system to protect the operating system, which inhibits the effectiveness of any malware (i.e. the user can not touch anything outside of their own home directory without giving explicit permission to elevate the rights of a program). In other words, creating malware would be a lot of trouble to go to knowing that it's unlikely to be able to do any real damage.
4. All anti-malware products for Mac OS X scan mostly for Windows maladies that will not execute on OS X. In my opinion, a $70/year subscription is a lot of money to pay to protect others against viruses that you may pass on, but are not actually susceptible to.
As it relates to firewall software...
1. Even with the Mac OS X firewall turned off, OS X does not respond to port scanning on any well-known ports.
2. With the firewall turned on and in "stealth" mode, OS X does not respond to any network requests at all, including ICMP echo.
3. The Mac OS X firewall will prompt the user if an application attempts to open a port and listen.
So, in summary, I don't believe it's prudent at this time to run anti-virus software or purchase any special security software. But I do recommend the following (and I know there are others that may disagree with me on the firewall, since most people are protected by a NAT firewall at their router or modem):
1. Before you install any software downloaded from the Internet, make sure you trust the source of the software. Also, make sure you know what the program is and what it does.
2. If you install any software download from the Internet, be particularly cautious about installing it if you are prompted for your password during the installation (this means that the software wants to modify system directories or files).
3. Turn on your OS X firewall in the Security preferences pane. Go into Advanced and enable "Stealth Mode". This makes your computer invisible on any network you might happen to connect to, and therefore will make it that much more difficult for a motivated hacker to locate to do any damage to.
4. Keep your software and operating system up-to-date. When prompted to update a software package, particularly things like Java, Flash and other web-enabled technologies.
If you'd like me to expand upon any of these statements, let me know.