• Lvxferre [he/him]@mander.xyz
    2 days ago

    [Warning: I’m mostly rambling.]

    As usual you need to be careful with metaphors: they break once pulled hard enough.

    The metaphor implies the security layers are independent, and always additive. Often they aren’t - they interact with each other, and often the presence of one layer makes the other worse. It’s like double bagging condoms - they rub against each other, so they make you less protected than if you wore a single condom.

    The “holes” are often dynamic, and they might change place over time. Sometimes the vulnerability crossed a hole of the first slice, hit the second slice and stayed there, until the second slice’s hole aligns with it. Then the vulnerability crosses into the third slice, and so it goes on. If you’re dealing with human beings, that’s basically any system.

    “NEEDS MORE LAYERS!” is not always the solution. Sometimes you’re better off - in cost and security - if you replaced a few layers with a better one. Try mozzarella instead of Emmenthaler.