The cybersecurity industry mocks/criticizes IoT. That's because they are evil and wrong. IoT saves lives. This was demonstrated a couple weeks ago when a terrorist attempted to drive a truck through a Christmas market in German. The truck has an Internet-connected braking system (firmware updates, configuration, telemetry). When it detected the collision, it deployed the brakes, bringing the truck to a stop. Injuries and deaths were a 10th of the similar Nice truck attack earlier in the year.
All the trucks shipped by Scania in the last five years have had mobile phone connectivity to the Internet. Scania pulls back telemetry from trucks, for the purposes of improving drivers, but also to help improve the computerized features of the trucks. They put everything under the microscope, such as how to improve air conditioning to make the trucks more environmentally friendly.
Among their features is the "Autonomous Emergency Braking" system. This is the system that saved lives in Germany.
You can read up on these features on their website, or in their annual report [*].
My point is this: the cybersecurity industry is a bunch of police-state fetishists that want to stop innovation, to solve the "security" problem first before allowing innovation to continue. This will only cost lives. Yes, we desperately need to solve the problem. Almost certainly, the Scania system can trivially be hacked by mediocre hackers. But if Scania had waited first to secure its system before rolling it out in trucks, many more people would now be dead in Germany. Don't listen to cybersecurity professionals who want to stop the IoT revolution -- they just don't care if people die.
Update: Many, such the first comment, point out that the emergency brakes operate independently of the Internet connection, thus disproving this post.
That's silly. That's the case of all IoT devices. The toaster still toasts without Internet. The surveillance camera still records video without Internet. My car, which also has emergency brakes, still stops. In almost no IoT is the Internet connectivity integral to the day-to-day operation. Instead, Internet connectivity is for things like configuration, telemetry, and downloading firmware updates -- as in the case of Scania.
While the brakes don't make their decision based on the current connectivity, connectivity is nonetheless essential to the equation. Scania monitors its fleet of 170,000 trucks and uses that information to make trucks, including braking systems, better.
My car is no more or less Internet connected than the Scania truck, yet hackers have released exploits at hacking conferences for it, and it's listed as a classic example of an IoT device. Before you say a Scania truck isn't an IoT device, you first have to get all those other hackers to stop calling my car an IoT device.