No, this isn't a tirade on the security of IoT. It's about story about change. Specifically, change and its implications on security.
Change is constant. There's a million different axioms and proverbs about change, so it's really hard to choose just one to sum up how it impacts security. Inarguably it does. And right now there's a lot of change going on that's impacting security.
"Micro" movement like microservices and microsegmentation are dramatically changing perimeters and breaking apart traditional "edge" security into distributed pockets of security, each architected specifically for the application or architecture it's protecting.
The nearly ubiquitous use of HTTP as the de facto application transport protocol (it's the new TCP, you know) has led to an increasing rise in the elimination of network access and an increase focus on application access, as well as more attention being paid to the security dangers inherent in the application layer.
The rise of connected things both internal and external to the data center are of course a concern; putting pressure on networking and security operations alike to adjust in rapid fashion to an increasingly complex array of connections, applications, devices, people and data.
And of course attacks are on the rise, with the DPS of a DDoS having doubled in just the past few years.
These are all changes. Some good, some bad, some inherently neutral, but all impacting security in one way or another.