This might sound amusing. If people hope to make a living off selling the public IoT devices, it isn't.
The problem here is one of systems integration. There are too many moving parts and when the system goes wrong, there is insufficient information to diagnose the cause or even which device is at fault.
For the past few months I have had a pattern of Internet outages that would only end when the router was rebooted. This was eventually solved when the hardware was replaced. But there is no way for me to know if the reason the device was going out was a hardware failure or the device had been compromised and was participating in a botnet - as reports claim many devices supplied by my ISP were.
Replacing it, I seem to still have a bufferbloat issue but I have no way to solve that till the Turris Omnia arrives and even then I will probably have to do some fiddling.
If this type of issue doesn't get fixed we are not going to be able to sell consumers the stuff we want to sell them. The lack of diagnostic and debugging support is increasing costs for everyone. When a device goes out there are typically three vendors who might be the cause. I count myself lucky if I get the right one the second time.
Yes we have SNMP but that is firmly established as being an 'enterprise' capability that consumers won't be told even exists.
Right now we seem to have more industry IoT interest groups than ever. But what we don't seem to have is a group whose brand is going to mean 'it will work, it is secure and there are no hidden vendor lockins'.