Wise words, sir.
A consumer protection approach which systematically addresses security flaws in household and commercial kit is the way forward. Maybe the banks and other businesses that are currently getting bashed will start pushing for this. Unfortunately, most security issues aren't fully understood by regulatory agencies or their political masters as the security landscape changes all the time. The public at large is equally clueless. Once this bad guy is caught (or goes off the radar) everyone will go back to sleep.
What we really need is a good housekeeping seal of approval that visibly and accurately identifies locked-down, secure-by-design hardware and software (something like a fair-trade sticker on bananas, penguin anyone?). Any respected security consortium could be funded to carry out this approval process. Manufacturers could voluntarily submit their products for approval to get the coveted sticker. Safety standards could be designed, enacted and enforced. If consumers knew they were buying secure, audited (and re-audited) hardware/software (instead of tools like McCrappee, which expires and leaves them vulnerable) they might actually do so. At least they would have a choice.
As it is now, only the security-savvy and some intel agencies (cue TLAs) seem to react quickly after flaw discoveries, usually after the horse has bolted and the stable has already burnt down. Some people patch, others bury the petrol-soaked rags and pretend it didn't happen.
There really ought to be a law.