A lot of times the argument here amounts to: "Your IT department/integrator are at fault!"
The problem is: a very large amount of users do not have those things, and manufacturers are specifically targeting segments that do not have them in their marketing, by making things easily available online or in big box stores (Q-See, Ezviz, Swann, Lorex, Nite Owl, etc., etc.), and making claims about how easy to install and use they are, without network setup, etc.
So if you make those claims, and then you have significant vulnerabilities, are you not at fault?
Are we really prepared to take the position that even home/DIY users who have been specifically targeted by manufacturer marketing are at fault? That seems incredibly regressive to me compared to the alternative: manufacturers step up and fix it.