Let's Encrypt certs and their 90-day expiry work well because you are effectively forced to automate the renewals (and preferably have some of your own expiry date monitoring in place in case things go wrong, though LE will e-mail with a decent number of days to go before the cert expires). Once you have automation in place, the ongoing cost in terms of admin and the certs themselves is effectively zero.
Paid certs, however, are the complete opposite. They are often a horrendously bureaucratic manual process that can get held up if the cert provider decides to do a "manual security review" (i.e. actually involve a human at their end in the process). I've often been forced to go onto their live chat and beg for expediting of a reviewed cert - if I don't do that, it can sit in limbo for *days*. Having a manual process get cut ever shorter (used to be 5 years max, then 3, now 2 - with Apple changing this to 13 months) means that the admin cost per year rises - and it's individuals/companies that will have to absorb that, not Apple.
I knew that they'd claim that possible changes in ciphers/protocols would be their official excuse for this reduction in the maximum cert life, but what is the average time between introductions of new ciphers/protocols? Wikipedia says: SHA-0 = 1993, SHA-1 = 1995, SHA-2 = 2001, SHA-3 = 2015, so how does Apple justify less than 2 years for the max cert life? You wonder if the next step is for Apple to set itself up as a certificate authority and rake even more cash in (with certs of <=13 months lifetime, of course).
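The "own expiry date monitoring" the comment recommends, as an added example that is not the commenter's code: it takes certificates in the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns (the sample certs below are constructed, not real), parses their validity window with the stdlib `ssl.cert_time_to_seconds()`, and flags certs nearing expiry or issued with a lifetime beyond the 13-month limit, which this example assumes to be 398 days.

```python
import ssl
from datetime import datetime, timezone

# Constructed samples in the dict shape returned by ssl.SSLSocket.getpeercert()
# (only the fields this check uses); they are not real certificates.
SAMPLE_CERTS = [
    {"subject": ((("commonName", "le.example.test"),),),
     "notBefore": "Jan  1 00:00:00 2024 GMT",   # 90-day, Let's Encrypt style
     "notAfter":  "Mar 31 00:00:00 2024 GMT"},
    {"subject": ((("commonName", "paid.example.test"),),),
     "notBefore": "Jan  1 00:00:00 2024 GMT",   # old-style 2-year paid cert
     "notAfter":  "Jan  1 00:00:00 2026 GMT"},
]

# The "13 months" limit expressed in days; 398 is an assumption for this
# example, not a figure given in the comment above.
MAX_LIFETIME_DAYS = 398

def parse_cert_time(s):
    """getpeercert() time string ('Jan  5 09:34:43 2018 GMT') -> aware UTC datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(s), tz=timezone.utc)

def check_cert(cert, now, renew_fraction=1 / 3):
    """Classify one cert at time `now` as OK / RENEW / EXPIRED.

    The renewal threshold is a fraction of the cert's own lifetime, not a
    fixed day count, so a 90-day cert alerts at 30 days left and a 398-day
    cert at about 132; a lifetime over MAX_LIFETIME_DAYS is flagged too.
    """
    not_before = parse_cert_time(cert["notBefore"])
    not_after = parse_cert_time(cert["notAfter"])
    lifetime = (not_after - not_before).days
    days_left = (not_after - now).days      # negative once expired
    if days_left < 0:
        status = "EXPIRED"
    elif days_left <= lifetime * renew_fraction:
        status = "RENEW"
    else:
        status = "OK"
    return {"cn": cert["subject"][0][0][1], "days_left": days_left,
            "lifetime_days": lifetime, "status": status,
            "within_policy": lifetime <= MAX_LIFETIME_DAYS}

def run_checks(certs, now):
    """Return only the results that need attention."""
    results = [check_cert(c, now) for c in certs]
    return [r for r in results if r["status"] != "OK" or not r["within_policy"]]

if __name__ == "__main__":
    for r in run_checks(SAMPLE_CERTS, parse_cert_time("Mar  5 00:00:00 2024 GMT")):
        print(f"{r['cn']}: {r['status']}, {r['days_left']} days left, "
              f"lifetime {r['lifetime_days']}d, within policy: {r['within_policy']}")
```

In production the cert dict comes from a TLS connection to each monitored host and `now` from the clock; wire the non-OK results into whatever alerting you already have.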