Research in the context of user awareness has shown that smart-home occupants often lack cybersecurity awareness even when it comes to frequently used technologies such as online social networks and email. To cope with the risks, smart-homes must be equipped with adequate cybersecurity measures besides the knowledge and time required by smart- home occupants to implement security measures. In this paper, we explore potential threats in AI-powered smart-homes and identify a list of cybersecurity controls required to mitigate their potential impact considering attack vectors, as well as the time and knowledge required to implement a control. We use optimisation to identify the best set of controls to minimise the risk exposure considering these metrics. Our comparative analysis against a random selection approach highlight that our approach is at least 25% better at minimising risk. Finally, we show how improved knowledge or time impacts the risk.