We could be at war before I write the next column for this space. And if theres a war, the likelihood of retaliatory terrorist strikes at home will grow, Homeland chief Tom Ridge said last week. There may be more threats, there have been more threats, if we go to war, he told The New York Times. And threats realized will be no good for business.For example, the Edinburgh Evening News from Scotland reports on a government paper considering an attack occurring shortly before the end of the month: It could leave companies unable to pay out salaries, which would mean many employees would default on mortgage and debit payments, triggering a meltdown in the lending and retail sectors and ripples out into wider economic disruption. So everyone is making systems redundant and building contingency plans and storing duplicate data in far-off secure locales, right? Apparently not. Although many cybersecurity companies reported a spike in orders during the recent spell of Code Orange alertness, Dataquest Inc. just released its study, Investment Decisions: Preparing for Organizational Disasters, which showed readiness is still a distant goal. The study found that while 53 percent of respondents have implemented crisis management plans, another 30 percent have not, though theyre thinking about it, and 17 percent said they are not even developing such plans. The main deterrent cited is money. Companies dont have enough to reach their required readiness levels, said a Dataquest analyst. To make matters worse, VP and CTO of Symantec, Rob Clyde, says that even companies that have disaster and contingency plans in place are probably not prepared for the multiple events that could occur in wartime or during a terrorism attack.Maybe the hype for readiness comes too readily from consultants and security vendors. But what are you doing differently with the rumble of war in the air? Or what would you do if budgets allowed?