The UK government has announced standardization i.e. code of practice around consumer IoT devices since it is very important to get security solved in the design phase. Currently HP and Centrica Hive have signed up to the agreement but probably more big companies will follow. It will interesting to see will the smaller vendors and manufacturers follow the big ones, since although good and useful, the standardization may be costly.
There are 13 initial guidelines for vendors like: keeping software updated, no default passwords, not resettable to any universal factory default value, making device installation and maintenance straightforward, policies around deletion and protection of personal data etc.
Some sort of standard has been pushed by the security industry for some time so this is a good step forward to have our IoT devices more secure from the moment they leave the factory.