Basic IT security principles may be old school but they are still relevant in the new realm of IoT security. Case in point, Paul’s top 3 of top 5 IoT security issues: Lack of security by design Web security Basic cryptography principles Management support Customer demand
Paul Dant give an ethical hacker's perspective on the top five issues in Internet of things security and what is easy and not so easy to improve

Because of where we are in the evolution of Internet of Things systems it’s not possible to simply bolt on a firewall or Intrusion Detection System. Unlike in IT, in IoT, security must be considered from the beginning as part of the product/system design. But it doesn’t mean we can’t apply some of the same techniques used by our IT brethren. Take for example network traffic analysis. It’s a hot IoT security trend that I’ve written about before but now it’s not just start-ups that are getting into the act - large companies like Symantec are planning to bring all their experience in security analytics to bear on the foes of IoT.
Brian Witten about intrinsic security, security analytics and his four cornerstones of Internet of Things security

The more I dig into it, the more I’m convinced that privacy is a bigger issue than security in IoT. Don’t get me wrong, the challenges facing IoT security are huge and in many cases, unchartered but, we’ll figure them out. Why? Because we’re good at figuring out tech. What’s going to be more challenging is teasing out the rules of engagement from the tangled web of IoT privacy. This involves people, companies, special interests and the law – much more difficult and with huge business implications.
privacy philosopher Justin Klein Keane about the challenges we face and some mental frameworks in which to consider them