Separate vendors mitigate the risk of a retirement attack.

Say both secure elements of every MK4 are compromised. (very low probability, IMHO) Let's say every seed gets transmitted to Coinkite via some backdoor Wi-Fi attack. (Again, very unlikely.)

If you have a multisig wallet made of a seed signer, bitbox02, and a cold card, you have nothing to worry about.

If you have three cold cards, you have a problem.

I think it's reasonable to use a cold card plus two or more other wallets from different companies or build your own, but I encourage you to read Fkaxman's guide yourself.