I work for an anti-malware developer and am currently in Berlin for VB2013, which just finished up a couple of hours ago. This is a two-track conference, so while I didn't get to actually attend every presentation (including the one referenced in the article), there were at least seven specifically on Android, and many of the other presentations referenced it as well. You can view the conference program here.
One thing that Google got right is that most Android malware appears from outside of Google Play, from things unofficial app stores run by third-parties, direct download of APKs, and so forth. And most of that occurs in regions where Google Play is not always available, such as China and Russia. Android users in the Americas and Europe are far less likely to encounter Android malware.
There is an additional area of concern for users of the Android platform, and that is potentially unwanted applications, which offer an app that performs some function for free, usually in exchange for performing targeted advertising. These are far more common than outright malicious apps and because they cover the grey(er) areas of software, can often be much more difficult for analysts to classify because it is entirely possible that the user agreed to being spied upon in exchange for the 'free' application.
It is also important to keep in mind that Google's mechanisms are relatively new: In January 2013, Google removed over 60,000 apps from their app store, which then had about 800,000 apps, giving a "removal ratio" of 1:13. By comparison, Windows Phone had just about 60,000 apps in their entire appstore, of which around four has been removed, giving a "removal ratio" of 1:15,000. Perhaps there is some security though obscurity, at least in the marketplace.
In any case, I think that Google's acquisition of companies like GreenBorder and VirusTotal, as well as the fact that they sending employees to VB to speak, says something about their recognition of the threats awaiting their customers, and desire to protect them.