I don't think this is that much to do with executive leadership. Many of those cyber experts only have a job because of Microsoft based tooling and vulnerabilities, and so they will prefer things they know over things they don't know (e.g. implementing permissions across a Linux estate).