Hmm... it looks like CIOs want to see more of Google Apps. Most of them, at least.
The major concern appears to be security; the CIOs know that Google Apps are cheaper than Msoft products and have portability, but are worried that they can't keep their excruciating standards in place for security. Assuming that sooner or later they'll realize that it's cheaper to outsource security (following the lead of cybercrime, and any government in the history of civilization), the real question is; what's the best way for Google to improve security?
The question isn't whether or not Google can provide excellent security, but whether or not the inevitable Google Crack will affect every company using Google Apps. The worst case scenario would be a team of hackers with easy access to every secure document and database from every company in the world, a PR nightmare even for Google. That's really what worries everyone using Google's services; that someday Google's main servers will be hacked and all the information they've got will be up for grabs.
It's a good thing that Google hasn't really got anything useful on their services yet. Now would be a great time for Google to announce (if they have one, or implement if they don't) a cell system of security; layers and parallel systems with different types of security, not just different passwords. Ideally, they'd be able to create a different cell for each business using their system and allow each business to pick and choose from a plethora of security options; a buffet of firewalls and fences suited to each business's wants and needs.
Whether or not these security services would come at a premium is a question of whether Google wants to do evil; it'd be all too easy to charge more and more for increasing security.
But if Google wants to keep its corporate motto safe (well, do as little evil as they can), they'll not only offer a suite of different security systems, but make all of them equal in quality. The point isn't to charge a premium for better security; it's to make sure that CIOs have a hand in managing their risk considering how likely an eventual break-in is.
The facts that Google could add new security options and make them bonuses instead of otherwise unnoticed upgrades and their new appeal for small businesses are icing on the cake compared to the potential business they could gain from Msoft if they upgraded security in a way allowing customization and the comfort of a cell of storage a customer could watch carefully. CIOs want to follow the words of Mark Twain and 'put all of their eggs in one basket, and guard the hell out of that basket!'