Re: If you cannot patch it quarantine it
You are assuming that "they" are in a position to choose what they do. In all the cases you've cited, some PHB, or committee, will have decided what projects are going on - the grunts at the coal face just get told what they are doing.
"They" applies to the PHBs and committees.
I wish more folk round here would remember that IT don't exist in isolation. They have to follow what the business wants. The best one can do is advise; strongly and in writing if necessary.
One difficulty is that the decision makers find it difficult to understand risk. They're choosing between the certainty* of a new, shiny and probably very useful development on the one hand and a list of things which you can't be certain will go wrong on the other. They'll choose the shiny almost all the time
*And ignoring any project risks.