Like the internet, IoT is a big horizontal layer of technologies and practices. It has touch points across industries (like healthcare, automotive, consumer goods, infrastructure) and regulatory areas. That’s what makes it so hard to discuss, to regulate, and to make secure.
More importantly, security has a pretty clear meaning in IT. But I’d argue that for the Internet of Things we need a more holistic concept of security than for traditional IT—one that includes aspects like data protection, privacy, user rights. A more human rights-style that goes beyond pure security and extends protection into adjacent but equally important areas.
Otherwise even the most technologically secure systems won’t serve the purpose of protecting users from negative consequences.