Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow.
While I agree with you on this point, you aren't looking far enough at the problem.
The real problem is the number of these devices that never see updates/patches from the vendor. This plays out in two ways. The first being that the vendor never patches anything and the second is while they do, they don't make it simple for the average user to A) find out about the update and B) install it.
The other problem we have is that security is not a selling point for the average user. They pay attention to the bling, so even if there was somewhere you could go to get honest and up to date security reviews on products before you buy them, most people wouldn't. While I am no fan of government regulations (due to how they instituted and implemented in highly politicized manners), this is something where the world could benefit.
In the later regard I view it much like vehicle emissions. The majority of people just don't care and even many of the ones that do don't understand how wrong they are on the facts. As such it is valuable for governments to step in with clear and impartial (it's Monday, everyone needs a good laugh to start the week) requirements that manufactures must meet before their cars can be sold.
Something similar should be in place for network connected devices to force companies to be better actors. Otherwise, as in every other industry to date, corners will be cut on consumer/environmental safety since such enhancements will generate little if any revenue. It should not be left to the person that can't figure out how to connect their cable router who is also the same person that will think an Internet connected TV or fridge with built-in cameras are a good idea...