I'd install some virus scanner with latest xvs.library. You can get them from Virus Help DK pages mentioned earlier. I think it's not necessary to run them all the time at background... just check any new files you're going to install or run and do full disk scan sometimes.
Although there probably isn't any new viruses, old viruses can make trouble still. For example the HNY96 virus is still quite commmon. You can see arcives infected by it several times a year still. For example there is one demoscene production containing it released this year already.
And about security risks when going online with OS3.9... you should notice that Genesis TCP/IP stack has filesharing capatibilities (like Samba) enabled by default and any other Amiga user can mount any of your partitions for reading and writing! So I'd advice you to either limit the access rights or disable the service completely.
For a start, I'd recommend to make .nomount file (can be empty) for root dir of each partition which you never want to be mounted for anyone. Then you won't have all files open to world, if you change your network configs later.
Then if you want to limit mounting from outside world, you have several options. If you're using router, don't forwad the port 2500 to your Amiga. You can also deny the access to that service from amitcp:db/inet.access file from certain IP-addresses.. or just allow it from certain addresses etc.
For disabling it completely uncomment amiganetfs line from amitcp:db/inetd.conf (or use Genesis Prefs and uncheck "enable" from Database->Inetd->amiganetfs).
