Well, if you were to open up owncloud to the internet, you'd be taking on the risks, whatever they are, inherent to the web server's (in our case, lighttpd from this guide) vulnerabilities. I suppose you could do that, if you were satisfied that the lighttpd software was sufficiently safe. If you did do that, however, I would recommend only allowing HTTPS mode for connections to your owncloud server. Furthermore, I'd recommend forwarding a non-standard port. This will reduce your attack surface in the first place, and will at the same time decrease the chance of a random hacker realizing a service is listening (and hence, not realizing there's something to go after). I don't know how much you know about the things I just said, but you'll be able to Google them as necessary.
The other option, that almost everyone would be comfortable with, is to set up an OpenVPN connection, and simply use that to tunnel through to get to your OwnCloud. You can Google that as well.