That's a big assumption to make, and one which is not true. FTX was the second biggest exchange in the world. Everyone assumed they would have decent security, and instead they had an unsecured group email account. Everyone assumed Coinbase had good security, and instead their data was being sold by a third party. Everyone assumed that Binance, that Bitfinex, that KuCoin all had good security, and all have been hacked and had coins stolen.

The fact is that we have absolutely no idea what security exchanges do or do not have. You are trusting complete strangers, who have shown time and time again that they are grossly incompetent. Handing over coins or data to any exchange is a huge risk.