Interesting article on the BBC about IoT and security. The headline makes reference to the Austrian hotel which was hacked four times and went back to old fashioned metal keys instead of electronic room keys. 

Later the article goes on to discuss various unlikely internet-connected devices which have been used to compromise organisations - including a casino hacked via it's network-enabled fish tank! Is this taking phishing (sic) to a whole new level?

While the article highlights the problem of securing IoT devices and discusses regulation to improve standards, I'm not sure that's the long-term answer. When the next innovation takes place, regulation will remain just as slow.

Ultimately, undertaking the basics of security hygiene will always be required. That much the CyberEssentials programme in the UK has got right. 

Knowing your environment and continuous monitoring are the main keys to keeping things afloat.