Windows XP was a great operating system in its day. As the first consumer OS to be built on the NT kernel, it introduced a new level of security to home and small business users who had previously been using Windows 9x. Microsoft introduced such security features as software restriction policies, smart card support and better EFS and certificate services, and XP SP2 brought us DEP and the Windows Security Center, along with the Windows Firewall.
But that was then and this is now. Microsoft has added many more security enhancements to subsequent operating systems, many of which just can't be ported back to XP because of fundamental differences in the operating systems. Their latest Security Intelligence Report highlights the fact that XP is much more vulnerable to malware than newer versions of Windows - XP systems are about twice as likely to get infected as those using Vista, Windows 7 or Windows 8. Read more about that here:
If your organization is still running XP systems, it's time to start thinking about an upgrade, especially with support for XP finally expiring in 2014, which means no more security updates. All good things must come to an end, and most security experts agree that it's time to say goodbye to XP.