Security and data privacy are two inseparable issues regarding Internet of Things (IoT) implementation. Most research discusses the method of overcoming these issues by utilizing IoT reference architectures, namely application, network, and perception layers. Studies present information about what kind of attacks appear in each IoT layer followed by how to prevent and mitigate said attacks. Moreover, some researchers conduct inquiries in regard to security issues emerging in cross layers and the integration of multi-layer architecture. In this research, we try to use different perspectives to examine the problems and solutions concerning IoT security. We involve technical and non-technical elements for managing these problems and propose an integrated model in which actors—regulators, industry, and users—actively participate in addressing security and data privacy issues that arise on every IoT architecture.