I'm sorry, but the savings you get from hiring inexpensive (read: incompetent) staff is being reflected in Microsoft's TCO calculations (represented by charging more for *nix admins). If you want to ignore the costs of malware, you're going to have to REDUCE the costs of malware, and that's going to increase the cost of staff, as they will need to be better trained, and thus, more expensive.
Your arguments come across to me as someone who wants to do something they know has a significant chance of failing, but only count the successes when someone asks how well that something works. Malware is a real cost, and by that I mean costs real money. All the foot stomping in the world isn't going to pay these real costs, so counting how much it's going to cost (or at least estimating on past experiences) when planning your budget is the only rational way to do things. You might get away with proclaiming that malware costs just don't count in some Marketing department some where, but if you went to Accounting with that same line, they'd point and laugh at you.