I would stick with Wordpress and use security plugins like "BulletProof Security" and "Limit Login Attempts." Then you just have to watch for updates to Wordpress and your plug ins.
Most people use "admin" as a username and can go years without doing updates. They are the ones at risk.