Security defaults are intended for smaller tenants, such that do not have the necessary licensing to leverage CA policies. They're just an attempt to improve the security posture of such customers, and also as an alternative for the free per-user MFA controls. The feature is not intended for larger customers, or those that have specific needs WRT to authentication.
In fact, if there is at least one CA policy enabled within the tenant, you cannot toggle Security defaults:
Your organization is currently using Conditional Access policies which prevents you from enabling security defaults. You can use Conditional Access to configure custom policies that enable the same behavior provided by security defaults.