This is a month or so old, but good reading. PWC research on global state of information security.

Net: High-level: Strategic priorities for the next year: 10 most common answers.

Disaster recovery/business continuity
Employee awareness programs
Data backup
Overall information security strategy
Network firewalls
Centralized security information management system
Periodic security audits
Monitoring employees
Monitoring security reports (log files, vulnerability reports and so on)
Spending on intellectual property protection