Are the business leaders and their "collusion" with the vendors. It's all too easy to require new IT talent to be "Cisco-certified" or Java-certified or this-or-that certified. Think about it. Cisco wants their certified engineers to be "recipe-followers". If they run into a brick wall, they're supposed to run home to mama so the business can buy Cisco support time and contracts. Likewise, the business doesn't want to risk it with someone who isn't Cisco-certified because that gives Cisco an out in case things go wrong (i.e. "your guy messed with something he shouldn't have messed with, covered in clause 32-a-X-35-b-VII-(x$^32) in the support contract, written in 2 point Arial font in white ink. Pay us more or fuck off.").
The same principle applies to other technological areas. I'm not defending them, simply pointing out their (twisted, so-so far gone) logic. It's about risk management and having someone to blame (or sue). That's what the suits care about. It's the single, solitary reason M$ was never in any real danger from Linux on the desktop - corporate IT departments were NEVER going to move away from being able to point the finger at Redmond when shit went down. It's all about self-preservation, really.
Remember that in business (moreso in BIG business), the higher up you are, the more important it is to cover your ass, over being good at your job.