The risk of the typical U.S. company suffering at least one major cyberattack within the next year is strong, and not enough businesses are taking appropriate steps to defend themselves, according to a survey of 602 IT professionals released recently by the Business Software Alliance. Of those responsible for security issues, 60 per cent said they believe it is likely companies will get hit with at least one major cyberattack within the next year. While more than half felt U.S. businesses have improved their security defenses since Sept. 11, 45 per cent said companies are still not prepared for a major cyberattack. U.S. businesses are devoting fewer resources to defending against cyberattacks than they did attempting to solve the Y2K problem, according to 47 per cent of those surveyed. Seventy-one per cent said that businesses should concentrate more on cyberdefense. On the positive side, 94 per cent said every computer at their company had antivirus software, and 92 per cent said their company uses a firewall to protect against network threats.