Do I need Antivirus on a Mac?

Broadly speaking there are two different types of desktop computer users; Windows users and Mac users (sorry Linux users but you are very much in the minority).

Microsoft has included a free antivirus solution called Windows Defender for years because they realised that most malware was aimed at Windows users. Even so, many Windows users will use a third-party antivirus solution to provide extra protection.

Apple Macs also come with their own built-in security solution called XProtect, but conversely, most Mac users believe that additional security protection is not needed. This was exacerbated by an Apple marketing campaign that suggested that Mac could not get malware. This is simply not true.

It is true that Apple Macs are inherently more secure than Windows because of the way the operating system works. However, they are not immune from malware and there are more threats aimed at Macs than ever before.

Wait, aren’t “Malware” and viruses the same thing?

No. A virus is a type of malware but not every piece of malware is a virus. A virus is a particular type of malware that is able to spread itself, just like a biological virus. However, these days most malware does not spread that way. Far more malware is spread through e-mail, websites or infected software. We have become used to calling the software we install on our computers to protect against malware “antivirus” software, but it does a lot more than protect you from viruses. It will protect you from a whole variety of threats there are too numerous to go into here.

“Antivirus” software is a set of programs designed to protect your computer from cybersecurity threats. It runs in the background, constantly scanning your computer for any threats. If it finds something suspicious, it will either remove the threat or quarantine it so that it can’t do any damage.

Is there malware that can infect Macs?

Before answering that question, it is worth considering why malware is created in the first place. Some of it is created to gain notoriety, some of it is created by nation-states for cyber espionage, but the majority of it is created for monetary gain. That is, criminals are creating malware to either extort money or make money in other ways such as through Cryptojacking.

Years ago, over 90% of all computers were Windows systems. Today Windows still has a very large market share, but Mac usage has eaten into that as shown in the chart below.

Graph showing the trend of desktop operating system usage since 2009

This means it is now more worthwhile for criminals to write malware and potentially unwanted applications (PUAs) for Apple Macs as they can make money out of it. You will see this trend in the chart below which shows a massive jump in 2020 which coincided with more people working from home computers. Hackers are not stupid and they realised that many people having to work from home using personal computers would use a Mac, so more people using Macs had access to business data during the pandemic.

There are 1.8M known active threats for Mac OS. This pales into insignificance to the 1B threats on Windows, and even the 4M threats on Linux (which is probably because of the rise of Linux use for business systems in the cloud) but it is still a growing threat.

So, do I need Antivirus on a Mac?

In short, yes, we recommend that you do, certainly if you use a Mac for business use. While Apple’s operating system is inherently more secure than Windows, this doesn’t mean that Macs are immune to malware. In fact, there have been high-profile malware attacks on Macs for years, such as the “Keydnap” virus that targeted Macs back in 2016. Antivirus is the best way to protect your Mac from these kinds of threats.

While the built-in XProtect system does scan for malware, it does not have the advanced features of third-party antimalware solutions and is reliant on Apple updates to get up-to-date protection. Apple is not a security company and will not be as good as dedicated security software vendors at finding and stopping new threats.

There are a number of different antivirus programs available for Macs, so you can choose the one that best suits your needs. For business use, we recommend a solution that reports the security status of all systems to a central console. Using such a solution ensures that all systems (Windows, Mac and Linux) can be centrally configured, and malware detections are reported to a central location that is monitored so alerts can be responded to quickly.

If you would like to know more about the options available to your business, please get in touch.

← Why you will not be fine on this Cloud9 Zoom wants to be the new Teams →

The BEST protection against ransomware

Ransomware attacks – where hackers steal your data and demand a ransom to give it back – are skyrocketing. You need to have the very best protection in place to keep your data secure. And here’s what that protection is…

A free tool for more polished communication

You’ve hit send on an important email – then you notice a typo. Windows 11 lets you spellcheck and autocorrect across most of its apps. Here we help you to set it up

Beware that “support call” – it could be a ransomware scam

Would your employees give an unknown caller access to your business devices? But what if they got a Teams chat from someone posing as Microsoft support? Here we tell you all about a new ransomware scam

How to create secure passwords

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
If remembering unique passwords for every account sounds impossible, there is another option: Password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

BEC attacks illustrated. Image of a hacker standing behind a computer looking menacing

Business Email Compromise (BEC) attacks are rising

Business Email Compromise (BEC) has emerged as a significant threat to businesses worldwide in recent years. As of March 2025, there has been a staggering 30% increase in BEC attacks. In late February 2025, Microsoft Defender identified nearly 2 million phishing...

How to disable fast startup - thumbnail image

Tech Tip: How to disable Fast Startup and shutdown your computer properly

It is a fact of life that we occasionally have to turn our Windows computers off and back on again to fix problems. However, if you are not shutting down your computer fully then your efforts may not have the desired effect because of a feature called Fast Startup....