Customers will often ask this question when they have not heard about Joomla. We definitely will not want to build a website that is prone to security attacks.

To answer this question, we do need to provide some background of Joomla:

- Joomla is not something new. In fact, it is a fork from Mambo by the core development team in 2005. Today, Joomla powers many websites which you are not aware of.
http://en.wikipedia.org/wiki/Joomla

- For 2 consecutive years, Joomla has won the best open source software, awarded by Packt.
http://www.packtpub.com/article/joomla-wins-best-php-open-source-content-management-system

- A search for Joomla in Google.com delivers 85 million search result.
http://www.google.com/search?q=joomla&sourceid=navclient-ff&ie=UTF-8&rlz=1B3GGGL_enSG240SG245

- With increasing popularity, the security aspect of the software becomes a concern as well. The core Joomla team do provide updates very often. In fact, the integrators themselves should be careful about the implementation.
*One thing to note here: If you are publishing a website, your content is readily available to the public anyway. There is no sensitive content that you should be concerned of. Also, Joomla is not that suitable for Intranet applications or be used as an ERP.
http://www.joomla.org/content/view/1885/50/

- Joomla also comes with many extensions [or extended applications that are developed by other programmers]. The lesser extensions that you add on to your website, the higher the security of your website.