Mark,
I've read about some of those exploits, but if you read closely, many require that you have some physical presence close by, others need an infected smartphone to gather the data. It's getting into CIA/KGB/MI6 territory, or hacking into something like Amazon or Bank of London where there would be immense amounts of valuable data. I seriously doubt that someone is going to go to those lengths to steal a credit card number from your studio computer. It's much easier to just put a card sniffer on the local gas pump and harvest the data, or else just steal your wallet (always a tried and true method).
RE: VPNs, yes, that's kind of what I was questioning. In Rob's case, he has a network drive at home base with a duplicate of the data, so if need be, he could pull down projects that he did at work, and process them at home or on location. VPNs encrypt internet traffic before transmitting, so that if you used public wifi, a thief couldn't read the data that was streaming between your device and your home base. The company that I worked for used a VPN for all company email and to run the accounting/inventory/process software. I could log in at a hotel room, and work securely. However, that type of system is basically like an email or browser in terms of the lack of critical speed demands. For something like a DAW where you might be trying to maintain a low latency environment, does the use of a VPN add an additional load on the operating system that might cause DPC issues.