Do you still encounter people who say, "Macs don't need antivirus?" How do you respond to them? Every endpoint should have EDR installed, iOS notwithstanding. My favorite approach is to demonstrate risk and the cost/benefit of reducing it. Phishing and drive-by attacks are increasingly targeting SMEs and it can be very costly. It’s more important than ever to not underestimate threats.
I've definitely had this come up a few times on the home user side, usually with people that are just old enough to remember the Mac vs PC commercials. It's almost always that specific age group. Generally just pointing them to a few articles or even asking if they have ever typed in their password without knowing why tend to make them realize they should reconsider. On the enterprise side, nobody seems to question it. I'm guessing people realize they should have something, and while they might risk it on their home machine, won't do it where the business is concerned.
A big problem with modern malware is it's not limited by OS as much as it used to be. As web browsers increase in capability they also increase in risk of an end user getting malware installed on their machine. The more software that is installed on a machine such as Java or other such ecosystems that increase capability and are universal, the more risk to the end user as well.
Antivirus software not only protects the OS but also protects the browser, the java applet, etc. At this point it's important to have all users on all OSs having some kind of anti-malware protection. Email attacks with HTML files are becoming increasingly coming in not only phishing attacks but other forms of malware as well. With the increase in web based SaaS models the browser can almost be viewed as an operating system to itself. These browser based attacks are not any more safe on Mac than they are on Linux or Windows.
@resonantenergy and when we rely so heavily on our browsers (how many use gmail and don't have application-based email any longer), we should be a lot more cautious about the links we click. It's way too easy to just click away without thinking about where something is taking us and whether there's anything malicious on the other side.
Like someone's post? Give them a kudo!
Did someone's answer help you? Please mark it as a solution.