"The second security non-incident to hit the Mac platform in as many weeks has been debunked."
Sounds to me they need to hire someone with appropiate skills in either their PR or Legal departments.
Two non-security incidents in a month almost certainly mean that they're the victim of a FUD campaign.
The right way to answer that is not to validate the fud, but
- ... communicate the truth - which is a function of PR, and
- ... make sure no-one's illegally slandering their trademark -which is a function of legal.
The latter is far more dangerous to Apple than the hypothetical security non-issues a CSO could address.