Sticking to 8192 signatures per slot post-SSF: how and why

There are many governments around the world who spend that much on one missile, or one plane. We should be designing systems resilient to state attackers who are willing to spend money to ruin your day. While 1-2M ETH may be enough to deter them from attacking, we have evidence that they will spend far more than this to achieve their goals, and many governments do appear to be heading in the direction of “destroy crypto” as one of their goals.

A single 51% attack is not fatal to Ethereum; if Ethereum gets attacked once we can always adjust the params to push the security budget back up. But I think the better argument here is that there are all kinds of strategies to destroy Ethereum that would take much less than 1-2M ETH: social layer manipulation, supply chain attacks on software libraries, attacks on the p2p layer, etc.

And I would argue that the best way to defend against the latter two especially is to make the protocol as technically simple as possible, minimize or avoid the use of crazy constructions that have 64 subnets etc. And that the benefits from doing that are much greater than the downsides of a “front-door” 51% attack costing 1 million ETH instead of 9 million ETH.

Security through simplicity, rather than security through getting a big headline number inside a particular mathematical model of security that doesn’t even correspond to the easiest available attack vector.
