Content protection encrypts the data when it is not in use, and decrypts it "just in time" when an application accesses it. So if you grant malware permission to access your data then it will be able to access your data if you have content protection on or not.
The purpose of content protection is to prevent someone getting your data by dumping the memory from a lost or stolen Blackberry. It doesn't protect the data from applications loaded on the device, that is what application permissions do.
By the way, by default all applications are granted permission to access and change the PIM dta.
My other Blackberry is a PlayBook.