Yet here we are compounding the issues by adding more and more layers to these systems... The higher the level it becomes the more security risks we take.

Well you don't have room for a lot of "defensive" code. You write the program to function on expected inputs, and hope that all the "shouldn't happen" scenarios actually don't happen.