The anti-malware out there can only protect you against LAST WEEK'S Malware.
As it stands right now, our Macs are just as secure against a Zero Day virus as your loaded to the gills with anti-ware PC... because you can be invaded by a virus that has not yet been cataloged in the anti-virus definition file. The Macs are just as secure WITHOUT all your CPU cycle robbing anti-malware baggage and until the day we see ANY viable malware in the wild, it will remain so.
When, and if, a viable Mac OS X malware appears in the wild, THEN, and only then, will it become necessary to consider buying and installing malware protection.
However, when that does finally happen, if ever, our Macs will still be just as vulnerable as your PC against all Zero Day, unreported malware. Buying protection against non-existent threats is foolish. When there are finally preventablethreats, not buying protection would be foolish. Until then, I'll save the money.
Not true; for example, in addition to looking for specific malware signatures, software can also look for suspicious behavior - it can alert you when a program tries to access or send data to a network, flag and prevent behavior like adding something to system startup or changing browser parameters, notify you when an executable file has changed, or detect malicious code that affects other operating systems with which you may interface.
It's always possible (if incredibly remote) that a given piece of malware can be written that is so unlike any other malware in existence that it can exploit a weakness in existing hardware and software firewalls and avoid any of the suspicious behavior that would flag the types of security software I run. But it's more likely that a given piece of malware would attempt at least some of the suspicious behavior I watch for, leading to its detection even if it was so different that it could not be picked up by any existing software package.
My bottom line is that the cost (for a Windows or a Mac, and probably Linux too) to proactively protect my systems is so low, and the potential consequences of not doing so is so high, that it is worth the protection regardless of the remoteness of the risk. This is a policy I enforce on all computers on my home and office networks, and not one on which I would be willing to bend for alternative operating systems. Others may run their computers and networks as they see fit.