Because you don't bolt security on top of an existing system. You include it in the design of the system.

Can you please include enough technical details to have a discussion instead of making assertions so broad that they can't even be wrong?

It's more a matter of best practices than technical details.

You can build a skyscraper on top of the foundations of a shed, and the kernel devs have done an amazing job at that, but at some point you gotta conclude that maybe it is better to start from scratch with a new design. And security is a good enough reason.