The Spectre attack (for example) is an innovation in breaking complex systems. It's not just a hardware bug that can be easily spotted with a more cleverly designed process, or prevented with good security practices. It's a new way to look at the very general and basic concept (not implementation!) that was introduced years ago and was considered pretty safe for all these years.
It's the complexity of everything that we do with computers that needs to be addressed, not just the quality of software and hardware testing and exploit mitigation. Mitigation techniques can't stop every unknown exploit, just some of them; in a sufficiently complex system there always will be a way to break the system in an unexpected and conceptually new way. Besides, they are additional layers of complexity on their own, and you can't fight complexity with complexity.
It's the complexity of everything that we do with computers that needs to be addressed, not just the quality of software and hardware testing and exploit mitigation. Mitigation techniques can't stop every unknown exploit, just some of them; in a sufficiently complex system there always will be a way to break the system in an unexpected and conceptually new way. Besides, they are additional layers of complexity on their own, and you can't fight complexity with complexity.