"The point is not to crack a walnut with a sledgehammer. Don't apply security controls you don't need to," he said.
Johnstone was also keen to stress that industry bodies and standards organizations are well aware of IoT risks, and committees are actively addressing these security issues.
"It's easy to pick up on reports that nothing is being done to address IoT standards and security, but people are looking into this seriously," he said. "Just don't expect anything anytime soon as discussions are not mature at this stage, and getting international consensus on standards is challenging at best."
Sign up for Computerworld eNewsletters.