Think the worst threat to your public internet website is hackers? From my experience, not necessarily. I've been working with websites on the public internet for about 10 years now, and I have had my sites hacked. The hackers setup backdoor pages on my site for blackhat SEO purposes. It did create problems and it did cause me to lose my page rank with Google until I cleaned it up and kept it clean for a period of time, but I've had worse problems with my sites and the source of the problems might surprise you. My own hosting companies! Yes you heard right. My own hosting companies have caused more downtime and loss of data on my sites than hackers ever did.
My first problems came 6 or 8 years back while hosting with ipower. This company had rated fairly high when I started using them and I had no problems at first. But over time service slipped, and every time I found my Real Estate Website down or having problems, it was because of changes that the folks at ipower had made to my site. The final straw came when ipower undertook a hardware upgrade project and all my site's went down. I did some online researching and found out that the company had been sold. Apparently the new management just didn't have the same focus on service and keeping sites up. That was the end of hosting with ipower. It was clear they weren't concerned about providing the level of reliability that I needed.
Next I took all my sites - including my Real Estate web site - over to Midphase to be hosted. Midphase was pretty good at first and helpful in getting me setup. Just recently, however, we began having more problems with site errors and outages. Service seemed fragmented. We had VPS hosting, but VPS would often tell us we needed to talk to shared hosting and vice versa. Then I received a somewhat abrupt email on a Thursday that said my vps hosting was being migrated to another company - Westhost. It said my new sites had already been set up and that I should test and then repoint my domains when satisfied. I tested the next day and nothing worked. I put in a ticket and received an answer that I needed to talk to my registrar. I let follow-up get away from me, and on Monday morning, just 4 days after I received the email, they pulled the plug on my live sites. I then spent 2 days on the phone wth 2 different hosting companies - Midphase and Westhost - and around 6 or 8 different people just trying to get my site domains rerouted to the correct place. They took the stance that it wasn't really thier problem since they weren't the registrar for my name server record, but they had happily taken on the duties as registrar for some of my other sites, never indicating to me that they really wouldn't be able to service them. After finally re-routing my sites, it was discovered that none of the files for my most important site were available. They finally produced a database that had been taken around 8 days before the site went down (as if that would have been satisactory anyway). After waiting another day or so for either Midphase or Westhost to produce my files, I relented and retored a copy of my own which was - unfortunately - significantly outdated.
To cut to the chase, the hosting companies didn't have the level of concern for the uptime or restore capabilities of the sites that I would have hoped, and it now seems to me that the possibility a hosted site going down or it's data being lost is much more likely from actions taken by the hosting company rather than by any hackers out there.
I also learned that when you sign up for hosting with a company, you might want to have a conversation with them about their hardware life cycle refresh plan. That seems to be when things start to get ugly.