I worked in an IT department for a communications company that worked with AT&T where, at least once a month, I would find a different way to suggest to a different team lead to check out EMET in case we ever got targeted.

It got ignored.

If they ever get hacked, I won't be surprised.

Yeah, who is routinely ignored by the rest because they are too busy with deadlines or something.

do you work somewhere where management/the board outranks IT and can decide "that sounds too expensive."