My take on this is that rogue access point detection is something that should only be done after other, higher priority items are taken care of. Are rogue access points a big deal? Sure. But are they a bigger deal than 7 character passwords, no account lockout, or access control policies that allow anyone to install any software not explicitly denied by antivirus? I think not.
As you probably would guess, I'm a big believer in the SANS top 20 critical security controls. The best thing about the SANS 20 CSCs is that they are actually ordered to help you figure out what to do first. What controls give you the best bang for your buck? No need to guess when you are using the SANS Top 20.
So where in the 20 CSCs do rogue access points fall? They fall well behind CSCs #1 and #2 (hardware and software inventory, respectively). If you don't have basic blocking and tacking down, do you really need to consider rogue access points? Wireless controls are #15 on the list of CSCs. Open wireless or WEP (gasp!) is a big deal. But if you've implemented WPA-PSK, how much should you worry about rogue APs?
Yes, rogue APs are a threat. but every one of us is carrying a rogue AP in our pocket these days (your smart phone). It's hard to track all of the access points that pop up. This particular client has office space in many different multi-tenant areas so we have to deal with other access points in the area that the client doesn't control. This makes it really hard to detect the rogues. Not impossible, mind you. Just difficult.
If you are in an area where mutil-tenancy isn't an issue, you'll still need good policies to prevent the use of wifi hotspots that all users have on their phones. With those polluting the spectrum, separating "authorized" hotspots from rogue access points can be a real challenge. At Rendition Infosec, we advise clients that hunting rogue access points is likely very low on the security spectrum. We advise that clients only undertake such an endeavor when they have achieved at least baseline success in more important security controls.
One important distinction that I'll make is that evil twin access points will always be a threat. These are access points with the same (or in some cases very similar) names to the legitimate access points in the environment. Periodic surveys of the wireless environment will help detect these. A good WIDS system can help with this as well. When discovered, evil twins should be physically located and investigated.