problem is not IoT, it's no "home (as in private) networks".
Not every toy was designed to be an internet protected appliance.
Use it at home on a closed network.
All my home devices are on a closed network and would have to, at least, go out through a proxy, so please stop portraying every network-capable device as a disaster. People need to start having 'home networks' with the same basic expectations as a home bedroom or bathroom -- something that isn't automatically connected to every hacker on the internet.
Rather that try to raise expenses and force security on every home device like toilets, toasters, refrigerators, etc... you need to focus on people having a 'home space' that includes a closed home network.