Apple is leaning into this for cloud AI: https://security.apple.com/blog/private-cloud-compute/

Probably enough to be genuinely hard for an APT to backdoor even with insider help. Still, ultimately the security relies on Apple hardware signed with Apple keys.