When was the last time a Mac caused a business disaster?

As your company begins to assess which providers, platforms, and devices it intends to base its AI efforts on, don’t ignore the value of security, privacy, and resilience across whatever ecosystem you choose.

While you weigh the options, it’s worth asking when, if ever, Apple’s Mac or any of its other platforms have caused a global business disaster at the same scale we recently experienced from Crowdstrike/Microsoft.

It’s time to ask the questions

It’s time to be frankly, brutally honest while you consider the matter. Ask yourself: has the company (or you) ever suffered outages, breaches, or damages from using Apple equipment? I’m sure there will be some examples, usually around brief iCloud service outages or weak backup and archiving policy (data can become corrupted, so back it up before it does). Some companies might well have experienced some degree of cyberattack, and we all know about the deeply corrupt surveillance-as-a-service entities that struggle to make the entire planet more unhappy. 

But, in all honesty, how often has Apple (with its Lockdown Mode) left the doors wide open to enable any of that? That’s a tricky question to answer, but we do have some data points:

In 2024, Apple reported that it had prevented more than $7 billion in App Store fraud in the last four years.

As part of these efforts, the company terminated almost 374 million developer and customer accounts for fraud, privacy and security failures.

Apple stays locked down

Apple shared this information as it sought a more pragmatic understanding of how it runs its App Store from regulators. They didn’t listen. But what the data does tell us is that Apple is a target; criminals are working to undermine its security; and the company maintains constant security situation awareness. If it did not do so, more such attacks would succeed.

Apple has published more than 60 security updates for its products far this year. In doing so, it works more actively with security researchers than ever before. The fact that we frequently learn that new flaws have been identified and subsequently patched is testament to this. 

While security experts (with a vested interest in the cash they make through Windows support) usually say that as Apple’s market share grows it will become a bigger attack target, the truth is it already is subject to attack, responds swiftly to any new vulnerability, and is nothing like as insecure as other platforms. Microsoft, meanwhile, was recently named and shamed for leaving potential vulnerabilities within Office for Mac completely unpatched. 

Ask the big companies about their experience

For real insight into the relative security cost of Apple’s platforms, you might consider relatively recent data from Cisco, IBM, Forrester, and SAP. 

Cisco last year told us that across 10s of thousands of Cisco employees, Mac users experience almost five times fewer cyberthreats and nine times fewer virus issues than PCs.  

IBM famously described the cost of supporting Windows devices as being 186% more per seat than the Mac, in part because of the cost of tech support and security. 

SAP has previously also confirmed that Apple’s kit generates fewer support tickets and less walk-up to internal support centers.

An Apple-sponsored Forrester report also confirmed a huge reduction in security costs when using Macs, quoting one respondent who claimed to have experience no malware incidents at all in three years after moving to Mac.

How your company can ask its own questions

All this data demands attention. But CFOs eager for evidence to demand entrenched Windows-loyal CIOs to deploy Apple hardware might want to ask auditors, compliance, and risk analysis teams to gather information about the risk of using Apple’s equipment in their own business and in other enterprises they work with.

When it comes time for insurance renewal, insurance teams may be able to obtain vendor-level claims data from their partners to assess the relative risk differences between all available platforms. Even the legal department can play a part, seeking insight into any ongoing lawsuits or damage payments made in cases that concern Apple’s platform security.

They will want to find out which IT vendors and products are generating the largest number of damage and insurance claims; Merck’s case around the NotPetya attack or the United Healthcare case concerning Windows ransomware will probably appear on those lists.

Yes, Apple’s platforms get attacked by malware, too — the recently disclosed Cthulhu Stealer attack sounds pretty frightening, until you learn it is distributed within maliciously crafted applications that pose as the legitimate article and are distributed outside of the App Store. For enterprises, the protection against that involves forbidding employees from downloading applications from outside trusted app stores on company equipment.

Of course, such a directive would now have made a blind spot of difference when it came to Crowdstrike and the billions of dollars in damage it created. But perhaps regulators will have a meeting to discuss a response to that one day.

Does tomorrow belong to them, or to you?

Ultimately, you have to decide — do the relative risks really reflect market share, or does they reflect that Apple’s systems are inherently more secure than Windows? And if the latter is the case (which it is), to what extent do you want to trust the AI-driven future of your business to an operating system that is already proven to be inherently insecure? 

Once you arrive at this point, you might also want to consider the extent to which Apple Intelligence APIs can be used by your own developers to build solutions that could potentially be hosted on your own or perhaps even on Apple’s own secure and private AI cloud.

While the battle for platform security is ongoing, eternal, and endless, if you’ve got an opportunity to upgrade your kit to harvest the AI opportunity, then it really makes sense to ask yourselves all the above questions before slapping the company credit card down for your next failed tech investment. After all, must the AI-driven future of work really need to be a repeat of the last few decades of inherent platform insecurity?

I don’t see any compelling reason for such an unsatisfactory outcome. Do you?

More from Jonny Evans

What to expect at Apple’s Sept. 9 ‘Glowtime’ special event

Jamf teams with Okta for enterprise-class simplicity

How Apple can fight the tyranny of ‘choice’

Please follow me on LinkedIn, Mastodon, or join me in the AppleHolic’s bar & grill group on MeWe.