"SSL decryption" (through a firewall-controlled CA and on-the-fly MitM) is a feature offered on most "expensive" firewall appliances, so one can say that most big companies can deploy SSL decryption. Whether they really do it is another matter. Common reasons for not using that feature include:
Legal concerns. In many jurisdictions, employees are allowed some level of personal usage of the company-provided computers (in the same way that people can use the company phone for short personal calls), and snooping on a communication between the employee and his bank or physician would be food for litigation.
Compatibility. Many "SSL decryptors" do a somewhat flaky job; e.g. the fake server certificate that the client browser sees contains a 1024-bit RSA key that triggers warnings, or CRL/OCSP for that certificate is not properly supported. And, of course, that MitM breaks client certificates (e.g. smart cards).
User resistance. Users simply don't like the idea of their SSL data being inspected.
That last point is interesting. Firewalls that do SSL decryption use a special CA and on-the-fly fake server certificate generation for ease of deployment, but this is hardly the only method to do it. On a company-controlled office computer, the sysadmin may perfectly well install locally some software that hooks with the SSL libraries and inspects data as it flows, outside of the SSL protection. Most antivirus software do just that; and it does not cause so much user fretting. Therefore we may say that what users don't like is not that their data is inspected; what they really abhor is knowing that their data is inspected. Ignorance is bliss.
Personally, when I see such a "SSL decryption" system put in place, my first thought is not "OMG they are looking at my SSL !" but rather "At least they are open about it".
I don't have stats -- I think nobody has, except possibly appliance vendors, but they don't tell (honestly, who wants to say: "my product has a nice feature that nobody uses" ?). But my feeling and experience tell me that company-wide SSL decryption through a visible firewall-controlled CA is still something rare, whereas hidden, transparent inspection done directly on the client machine is highly prevalent. The "fake server certificate" method will become more common in the future, because it makes it much easier to support content filtering for user-provided devices (even if not going full BYOD, companies that provide a complimentary "external" WiFi for their employees prefer it when even that non-privileged network does not become a cesspool of malware and videos of questionable legalities).