Okay, I see what you're saying. Luckily, our project was sort of a "bottom up" implementation. What I mean by that is we had a number of HTML sites that were functioning to everyone's satisfaction, but in the IT department we wanted to modernize our sites and decentralize some of the tedious editing chores. We had no budget for a project, so I went through and evaluated a good 6-8 open source project and mojoPortal won by a mile. We demoed our new site to department heads and the City Council, and they loved it, so it was full steam ahead after that.
I agree it can be difficult to get buy-in from decision makers who are already convinced that another solution is the better one, but I'm sure if you prepare a cost benefit analysis, and demo how easy mojoPortal is to maintain and operate, you'll be able to get people onto your side.
I don't know what specific security requirements you have, but I've always been very impressed by mojoPortal's security structure. In fact, I'd say that it's been designed with security as the topmost concern, and potentially useful features have been rejected by Joe because they might compromise security. I mean things like the ability to edit the config files for the site, through an interface within the site.