#1 I've spoken with @DataSecurityNode extensively about this and his ideas for network security are outstanding. Off-site geo-diverse real-time redundancy is key and his work at BunkerShares (Nova Scotia!) is FANTASTIC. If you haven't looked into utilizing his services, please do so.
#2 After reading all the recent news of government clampdowns on Ripple and others, secret subpoenas en masse, etc, I think we need to have our own bugout bag o'tricks to fend them off as well. I know we're decentralized, no single point of failure, but what happens politically here if they just arrest Dan and Stan for no legal reason at all, or start DDOS'ing just the class of ip's that a Delegate's webhost uses, or actually attack all of the known core devs individually? Scary stuff, I know, but remember, the beast will do whatever it has to, to protect itself. We are on the cusp of that right now. #3 I was thinking that at least as a start, we should require 51% of the core devs to manually wall burn a warrant canary that publishes a different "GOOD TO GO" style message every month (diff Devs on diff days of the month too, so we're not set back by a full month). If the message is always slightly different, then we know that it was manually published by that person and not some batch file. If it's multisig, we could stop the gov from tampering with those wall burns too. Secret subpoenas wouldn't be such a threat and we would be a lot more agile to such attacks.
#4 We should even add an automated alert of some sort, one that broadcasts a core dev delegate FAIL via an entirely different crypto (NXT has messaging as well). Working with other crypto networks instead of competing with them (in this sense) can save us all.
Proactivity can save lives, not just our network.