I think defense in depth is also a major related principle. Make each layer as beefy as possible in terms of security even if seemingly redundant since these help when other layers are bypassed through some exploit.

However, in my opinion one major failing of this paradigm is that while some additional layers are useful, it's still good to think about threat models and failure modes since at some point, you can't implement additional security measures due to the computational and human cost.