The whole IoT movement is ridiculously scary IMHO. It certainly champions innovation, creativity and sense of coolness to your technical engineering feat, but having new ideas, making cool devices you can interact with over a network/lan/internet unfortunately will always be the lower hanging fruit to becoming even an amateur fly-by-night web/os/network security expert, even with the gobs of free security tools out there to scan your device and mitigate the easiest of attack vectors.
It's honestly almost too easy anymore for anyone at any level to grab an Arduino, RPi, some turn-key sensor solutions and with a handful of pre-written code off Github or a blog post, be excited about 'look what I did' while Johnny Hacker owns it and makes it a part of his Botnet network.
Bring back the physical serial port to manage it all, man! Like "more cowbell", we need "more RS-232"