iPhone security is great, but they had a really embarrassing issue in the backups around iOS 10 - where they were sha hashing the backup password and storing the result in the backup. (This was in addition to the password handling which was a properly designed PBKDF2, etc). I don’t think their security skills are very evenly distributed. Perhaps they are growing the dev team too quickly and the experienced devs are spread too thin.
iOS is probably a larger target, so it's pretty clear that the obvious choice is to put most of your security talent there. That being said, core OS fixes propagate to both systems due to their shared codebase.