The fact that so many publicly facing, completely insecure devices ripe for hacking were able to be assembled in the first place is one of the biggest things we should be looking at moving forward.
I think there should be a common, open-source framework for building secure IoT device firmware. Obviously people are going to be buying these things more and more as time progresses. Why not make it simple for them to implement something secure instead of leaving them to reinvent the wheel? Obviously they're concerned mostly about convenience otherwise they would have built better security in. Maybe they don't have the skill to do it correctly. Maybe they're not being paid enough. Point is that I think there should be efforts in the open-source ecosystem to help make these things easy and plug-n-play when developing a new baby monitor/security camera/etc.
And, we should publicly shame the companies most to blame for these insecure devices being used in an attack of this magnitude. Paste their names all over and make sure people KNOW that they're buying utter insecure shit that may be used to attack others. Not to mention your own privacy and security regarding cameras/microphones/security devices, anything even semi-critical really.