
I don’t understand the point of this theory. Not having safety controls is bad, but having practices so bad that workers violate N layers of safety protocol in the course of operation is also bad. They’re both problems in need of regulation.




The failure rate of an individual layer of Swiss cheese should be bounded under most circumstances but not all. So you should probably have more layers when hazards cannot be eliminated.

I was trying to focus on one specific pattern without making my post too long. Alert fatigue, normalization of deviance etc. are of course problems that need to be addressed, and having a lot of layers but each with a lot of giant holes in them doesn't make a system safe.

My point was that in any competent organization, incidents should be rare, but if they still happen, they almost by necessity will read like an almost endless series of incompetence/malfeasance/failures, simply because the organization had a lot of controls in place that all had to fail for a report-worthy bad outcome.

Overall incident rates are probably a good way to distinguish between "well-run organization had a really unlucky day" and "so much incompetence that having enough layers couldn't save them"... and in this case, judging by the reports about how many accidents/incidents this company had, it looks like the latter.

But if you judge solely on a single incident report, you will tend to see companies that don't even bother with safety better than those that generally do but still got hit, and you should be aware of this effect and pay attention to distinguish between "didn't even bother", "had some safety layers but too much incompetence" and "generally does the right thing but things slipped through the cracks this one time".
