Summary
Despite being the most popular content management system in the world, many large businesses and organisations in strictly regulated industries are still asking, “Is WordPress secure enough for us?”
This article will give you a detailed explanation of how WordPress can provide enterprise-grade security, to help you make your own decision about whether it’s secure enough for your own business. We’ll also share some helpful tips to enhance the platform’s security and reduce its risks even further.
As technology has become more pervasive in our daily lives, cyber security concerns have intensified, especially in the workplace. Each year, we read about more high-profile cases of global brands becoming victims of malicious cyber attacks, most often with sensitive data being the real target.
As a business, you should be increasingly careful and vigilant about the technology solutions you deploy today. This is even more important for large businesses and organisations in industries with strict regulations, where the consequences of security issues can be catastrophic.
When you’re choosing a content management system (CMS) to build critical digital assets like your website, security must therefore be a top priority.
Despite being the most popular CMSs in the world today – powering almost 45% of the world’s websites – WordPress is still seen by some as the platform for smaller organisations. You’d think its popularity alone would be sufficient evidence that WordPress is secure, especially as a large fraction of that user base includes enterprises across both the public and private sectors. However, when it comes to WordPress security, there are still some question marks.
So, is WordPress secure?
Yes, absolutely.
But there are certain factors and potential pitfalls you should be aware of if you’re considering WordPress as your CMS of choice.
Understanding Security in a CMS
As business challenges with cyber security and data protection continue to grow, selecting a platform that offers robust security is crucial. But how does that work, exactly?
Ultimately, a CMS like WordPress is just a piece of software, and all software can be vulnerable to security issues in a variety of ways.
The most obvious of these is a cyber security attack, either by hackers, a virus, or malicious software (malware). Any CMS used in a business environment needs to be built to withstand these attacks on a daily basis, and WordPress is definitely capable of doing so.
Another significant risk is when software has accidental weaknesses, issues, or vulnerabilities – known as bugs – built into its code. Bugs are common in software, and they can manifest as anything from a box appearing in the wrong place on your website to a platform vulnerability that leaks mission-critical data to cyber criminals.
Bugs aren’t difficult to fix, and we’ll explain later in this article why WordPress users can be confident that these kinds of risks are minimal with the platform.
However, when it comes to a CMS’s security, it’s important to understand the following point:
The biggest security risks, and the greatest opportunities for cyber criminals, are unsafe user behaviour, lack of best practices, insufficient maintenance, and poorly built sites. Not the platform itself.
Your behaviour, and the behaviour of your end-users, is an area that can be exploited or cause problems if you don’t prioritise security. That’s why it’s necessary to take a proactive, rather than reactive, approach to protecting your data. The rest of this article will help you do that, and remove any concerns you still have about WordPress security.
Is WordPress Secure?
The misconception that WordPress isn’t secure enough for large businesses still lingers, but why? Well, the main reason is because the platform is free-to-use, and so it was initially most popular among B2C blogs and smaller independent businesses.
Today, however, this couldn’t be further from the truth. Industry-leading enterprises such as private equity advisory firm Rede Partners LLP, global investment firm Coller Capital, and global research and advisory leader Forrester use WordPress for their CMS, just to name a few. This goes a long way to proving the apprehension towards WordPress security is unnecessary.
So, let’s explore the WordPress platform in more detail to understand why these global enterprises have full confidence in the security of their data, as well as the data of their clients and partners.
WordPress is already a secure, stable platform out-of-the-box.. You can rest assured its core code is highly secure, because it’s overseen by a team of security experts who thoroughly test and quality-check it on a continual basis. They regularly release updates and reinforce any potential weaknesses before they’re exploited to protect you against any new-found threats.
A team of security analysts study the ever-changing cyber security landscape and respond to it with speed and precision.
While WordPress may be seen by some as a CMS for small businesses, the speed at which security updates are implemented is arguably the best in the world when compared to other platforms.
WordPress is also open-source software, which means all the code it’s built on is available to the public. Anyone from outside the WordPress team can view it, download it, and make adjustments to it. Users often suggest their own changes and updates to the code by submitting them to the WordPress moderator team for approval. If improvements are made to the WordPress code, these updates will be released to the global user base.
These people are part of a global community of dedicated, passionate users who work hard to ensure the platform is always developing into the best version of itself possible. Anything WordPress’s own team misses, the developer community will catch. This means users are often fixing bugs and shutting down potential opportunities for cyber criminals, keeping the platform safe for everyone else.
WordPress Security Vulnerabilities
While WordPress does have the support of some of the brightest developers in the world, who keep it as secure as possible, they can’t take care of everything for you. As mentioned earlier, your biggest security risks will probably lie within your own business, regardless of what CMS you’re using.
Additional security vulnerabilities can arise in certain scenarios, often caused by ignoring best practices or failing to take responsibility for simple maintenance of the platform.
Web Hosting
Your hosting environment is an important factor that can influence how secure and protected your data will be. Your WordPress websites will be hosted in a server that stores your files and data in a data centre.
WordPress, like any platform, should be hosted in a secure environment, with an experienced provider who prioritises security as part of their services. This should include putting proactive security measures in place for scenarios like unplanned down-time or even natural disasters.
Secure hosting should also involve automated monitoring for malicious activity and vulnerabilities in your servers and software, as well as incident response.
Before choosing your hosting service, be sure to carry out some due diligence and look into the security best practices of your host. In many cases, it’s wise to work with an agency partner who will help you with this, but more on that later.
Plugins
While the WordPress community is one of the platform’s greatest strengths, interacting with unsafe additions to the software can also be its downfall for some businesses. It’s important to be cautious of the constant stream of new features, updates, and plugins being made available, because some of them could create issues for you.
To avoid these problems, you shouldn’t download plugins unless they come from recognised, credible sources. Furthermore, you should always ensure all your plugins are correctly tested, maintained, and updated.
We appreciate this may sound complicated. For that reason, you should entrust this responsibility to a partner. When using WordPress to build and manage websites, a good agency should help you ensure everything is secure and up-to-date.
Software Updates
When you’re running a website or application on WordPress, you’ll regularly receive software updates from the platform. Any time an update comes through, it’s because certain bugs have been fixed or some improvements have been made.
It’s crucial that you keep up with WordPress updates because they’re there to keep your site secure. By leaving your site running on outdated versions, you’re at risk of a known issue being exploited by cyber attacks. Again, this should be taken care of by your agency partner so you don’t need to worry about keeping your web platform up-to-date.
Tips to Strengthen WordPress Security
If you still have doubts, there are some simple steps you can take to further strengthen the security of the WordPress CMS. Some of these more general tips can also be applied to most website platforms and other software software products in general as well.
Use a managed hosting service that offers enterprise-grade security.
You wouldn’t rent an office in a building that leaves its doors unlocked at night. Why would you place your sensitive data in a data centre that isn’t fully secure?
Some things you should consider non-negotiable for a web hosting provider to offer include:
- 24/7 support
- Back-up and disaster recovery
- Fully-managed service
- Automated monitoring and alerts
- 99.99% up-time
- 100% pass-rate for data centre audits.
Put back-up and disaster recovery services in place to ensure you’re protected from all potential risks.
To build on the above point, ensure your hosting service has measures in place for back-up and disaster recovery. This fail-safe measure will give you a way to save and recover all your data in the event of any losses.
Do not use, or allow your agency to use, any plugins from unrecognised sources.
As mentioned earlier, only use plugins from sources you trust. You should also keep all plugins and additions to the platform up-to-date, and make sure they’re rigorously tested – or, rather, make sure you can rely on your agency partner to do this for you behind the scenes.
Use plugins alongside security-specific enhancements.
You can further bolster the security of the WordPress platform by leveraging security-specific plugins such as WordFence, Sucuri, and Defender Pro. These can inform you of potential vulnerabilities or incidents so you can respond quickly before they have an impact on your business.
Don’t use tools that enable direct access to your site database from within the dashboard.
Some digital tools or extensions give direct access to your site’s database or files from within the dashboard, to make managing your website easier. This is something to avoid, because they’re often a major security risk.
Enable SSL
Enabling SSL (Secure Sockets Layer) introduces a protocol which encrypts the transfer of data between your website and your users’ browsers. This makes it more difficult for cyber criminals to steal information and data online.
Encourage your users to follow security best practices.
You can put all the security measures and data protection possible in place, but they could all be for nothing if a weak password or bad behaviour compromises your website.
Some security best practices every business can easily implement include making strong passwords compulsory among all users and introducing additional measures like two-factor authentication.
Rely on an Expert to Minimise Your Security Risks
As touched on throughout this article, another factor which will determine how secure your WordPress platform is will be which agency you decide to work with.
While deciding whether to invest in WordPress is a big decision, don’t underestimate the importance of finding the right agency partner to support you with your CMS, especially when it comes to WordPress security.
Ultimately, you should understand that:
- WordPress by itself, out-of-the-box, is secure enough for most businesses to use.
- WordPress in the hands of an inexperienced or negligent agency will create significant security risks.
- WordPress is the hands of a dedicated, specialist partner is a platform you can trust and rely on without any concerns.
Your data will be fully protected if you work with an agency who takes security seriously and prioritises it at the core of every development task they deliver for you.
That means they should be capable of handling secure architecture, testing, monitoring, updates, and ongoing support for you as part of your service. You should always take the time and care to find a specialist agency partner who has a proven track record of building robust, reliable sites, to ensure you’re minimising your risk.
WordPress is a Suitable Platform for the Enterprise
Cyber security and data protection are critical for businesses of all sizes, across all industries. But it can’t be denied that large businesses often face more severe consequences by falling victim to a cyber attack or data breach.
Choosing a platform that you have total confidence in is a necessary factor in the process of evaluating your options for a CMS.
When you have your own role and responsibilities to focus on, the last thing you want is to be constantly worrying about the security of your site. Following the advice and best practices listed in this article will provide you with a highly resilient WordPress platform with enterprise-grade security. That will allow you to spend more of your time creating an outstanding website that differentiates you from your competitors and drives business growth.
If you need more help understanding and evaluating platforms to deliver a web design and development project, read our comprehensive guide to selecting the right solution here.
Would you like these insights straight to your mailbox?
- In October 2024, Bing recorded its second-highest market share ever (4.16%), the highest since 2011.
- Yandex reached a record-high market share of 2.78% in the same month.
- This decline in Google’s market share does not account for AI-based search alternatives, meaning the real shift could be even more pronounced.
- Whilst Google is still dominant and search competitors still pale in comparison, the direction of the trend is noteworthy and something SEOs and businesses should closely monitor.
- 57% of respondents use AI daily.
- 49% see AI and traditional search engines as interchangeable.
- 67% believe AI will replace traditional search within three years.
- “Does Google realize they already had a really good search engine? The AI doesn’t work. It sucks.” (5.6k upvotes)
- “It’s shaping up to fit in with the shockingly poor Google Search results that are loaded with sponsored garbage.” (2.3k upvotes)
- “Even when you get to the first results, they are usually useless articles, AI-generated content, or sales pitches.” (2.3k upvotes)
- Tracking and analysing search trends across platforms.
- Optimising for both traditional search and AI-driven search tools.
- Enhancing conversion funnels to capitalise on the traffic they do receive.
Latest from agency
19 May, 2023
WebFlow vs WordPress: Which Platform is Right for You?
Finding a content management system (CMS) that is secure, cost-effective, and capable of delivering a website that meets all your requirements can be challenging.
As we’ve discussed in a previous article, there are lots of excellent CMSs available today, and it’s difficult to know which one will be the best fit for your specific business.
While most CMSs appear similar on the surface, with the same fundamental functionality, popular platforms like Webflow and WordPress have unique features and capabilities that differentiate them from each other.
So, selecting between these two different platforms is an important process that requires careful consideration. After all, your CMS is a long-term investment, and you need to know exactly what you’re getting before you make your decision.
To ease this challenge for you, this article will provide a direct, objective comparison between the Webflow and WordPress platforms.
An Overview of Each Platform
You want a CMS that will enable you to build sophisticated, high-performance websites, tailored to your business, with a set of tools that are simple and easy-to-use.
Webflow and WordPress can both give you exactly that in their own distinctive styles. Both platforms allow you to build and manage complex websites without deep technical knowledge, but they each take slightly different approaches.
Webflow
Webflow is a software-as-a-service product, not a typical CMS. That means it doesn’t require any hosting and is primarily delivered via Amazon Web Services (AWS) cloud servers.
As it’s a complete, mostly self-contained SaaS application, with everything built-in to it from the start, you can get up and running with your Webflow website quickly and easily.
You can use Webflow as a basic no-code website builder straight away. However, as you’ll certainly want to create a more dynamic, engaging website with a high volume of content, you’ll have to enable its CMS functionality to get up and running properly.
WordPress
WordPress, on the other hand, is a more traditional CMS, intended to build highly scalable, dynamic websites full of rich content. The platform will need to be downloaded on to hosting servers, which can all be taken care of for you if you’re going to be working with an agency partner.
WordPress is also a free, open-source platform, which means all users have access to its code. That allows talented developers to contribute to improving the platform with innovative new additions and enhancements on a near-constant basis.
As WordPress is used to build almost half the websites online today, it also has a global community made up of millions of users who offer support, collaboration, knowledge sharing, events, and much more.
Approachability and Ease-of-Use
A shared benefit of both Webflow and WordPress over certain other CMSs is their ease-of-use.
Both these platforms are approachable with low barriers for entry, even if you don’t have any existing coding or content management experience.
Webflow’s Usability
As a low-code or no-code SaaS tool, almost anyone can use Webflow to build a website.
It provides a visual drag-and-drop builder with an emphasis on enabling users to create websites quickly and easily.
When using the CMS functionality to add more content to your website, like blog posts, the CMS is simple, allowing you to publish and manage the pages of your site with great efficiency. This is in the style of a classic content editor, which will probably be familiar to you.
WordPress’s Usability
Almost anyone can use WordPress as well, even if you have no previous content management experience, hence its global popularity. In fact, simplicity and usability are arguably some of WordPress’s greatest strengths.
Almost everything you’ll need to set up and manage your website will be readily available when you first start using WordPress, making it very approachable. The platform provides you with an intuitive user interface (UI) that allows quick and easy publishing, management, and editing of content.
This is made even more efficient thanks to WordPress’s block-based editor. This is a method of building websites that offers significant advantages in flexibility, scalability, and ease-of-use.
Particularly for large-scale websites that are likely to grow and evolve, this can save your developers valuable time and money, while also reducing your time-to-market.
You can learn all about the advantages of the WordPress block-based editor in our related article here.
Their Features and Functionality
For your investment in your CMS to be successful, it will need to have a range of features and functionality which allow you to create a website that delivers on your business objectives.
Webflow’s Features
As touched on earlier, Webflow is a SaaS application in which almost everything you need is included as standard.
The core Webflow platform is all you need to build your site, although your agency will be able to add extra features for you by embedding code snippets from other services if you need them.
For example, if you want to create the ability for your visitors to subscribe to your site as members, you could take code from another platform that facilitates subscriptions and use that to integrate the functionality.
This is where the platforms start to deviate in approach. Webflow’s self-contained nature perhaps makes it a simpler platform because it doesn’t require many plugins, but that also makes it a lot more limited than WordPress.
Because Webflow doesn’t offer any plugins, you won’t be able to add many extensions that work directly in the Webflow interface. This prevents you from having one unified approach to your website management and marketing.
WordPress’s Features
Most of the things you require to publish content and manage your website on a daily basis come readily available on the WordPress platform. WordPress’s sophisticated, dynamic features that come “out-of-the-box” are a great point of value.
However, if you do need to go beyond the standard functionality of WordPress, that can also be done with relative ease. Working with an agency with WordPress-specific expertise means that you can develop bespoke features and functionality unique to your website with almost no limitations.
This allows you to tailor your CMS to meet your specific needs, and working with an agency to achieve this can still be very cost-effective.
Not only that, but passionate members of the global community are always working hard to create new features and extensions that continue to improve the capabilities of the platform for free.
How Well do they Integrate with Other Systems?
Beyond features, extensions, and plugins, your platform of choice should also be able to integrate easily with other tools and systems that are already present within your business.
Integrating with your customer relationship management (CRM) platform, your email marketing system, and other software products is an important quality for a CMS to have.
Integrating with Webflow
While Webflow can integrate with some third-party tools, this is another area where the platform is somewhat limited. You can integrate your Webflow site with other tools, but there aren’t many native integrations available. Your agency partner will need to use more code embeds to achieve this, and you’ll have to use separate interfaces in many situations.
For example, using a lead generation form from your CRM on a Webflow site will require you to build the form in the CRM first, then add it to your web page using the embed code.
Not only does this approach create inconvenience for you and your team, but the extra time spent by your agency on more complex integrations will increase the overall long-term cost of the platform.
Integrating with WordPress
Thanks to WordPress’s vast popularity, and the work of the global community, there are native plugins that can seamlessly integrate your WordPress site with almost any other tool or system.
Simply add a plugin for any third-party tool to create the ability to access that tool’s functionality directly within your WordPress CMS.
Even for more advanced requirements that need some bespoke development, like cross-platform automation, it’s usually an easier job for your development agency than it would be with most other platforms.
How Secure Are these Platforms?
Security should be a top priority when selecting a CMS. Concerns over cyber security and data protection are ever-increasing for businesses, so you need to ensure something as important as your website is fully secure.
Webflow’s Security
Webflow is mostly based on AWS, an industry leader in secure hosting, so you can rest assured your platform will be highly secure. Webflow also has additional protective measures in place to bolster the security of all the data on the platform.
Again, because it’s a SaaS product, this all comes out-the-box and doesn’t require you to take any steps yourself to secure your site.
However, that does mean you’re entirely reliant on Webflow to ensure that security is continually updated and reinforced. Neither you nor your agency partner have any control over the security of your site, which some businesses see as a negative.
WordPress’s Security
Your agency partner will typically be responsible for the hosting, maintenance, and security of your WordPress platform. We mention hosting and maintenance here because these things are influential towards ensuring your platform, and your website, are kept secure.
WordPress is already a very secure platform out-of-the-box, though. There’s no need to think that WordPress’s protection is not robust enough for a large business, even in today’s volatile security landscape. Evidence of this security can be found in the number of global enterprise businesses that have chosen WordPress as their CMS.
Of course, there are vulnerabilities that can arise in certain scenarios, like if your platform isn’t kept fully updated on a constant basis. For this reason, it’s crucial to work with an agency partner who you can trust and rely on when it comes to security, including enterprise-grade hosting and continual platform maintenance.
You can learn more about the security of the WordPress platform in our in-depth guide here.
You can also discover 10 useful tips to further improve WordPress security and minimise your risks here.
The Overall Cost and CTO
As mentioned earlier, your CMS is not only a big investment, it’s also a long-term one. You ideally need to find a platform that offers good value for money, and a low total cost of ownership (TCO), in order to achieve a strong return on investment (ROI).
Your TCO will be determined by combining everything from your hosting costs, license fees, work with your agency, maintenance, bespoke development, and more.
Webflow
In terms of costs and plans, Webflow is more expensive than WordPress. This SaaS product offers two different types of plans, a site plan and a workplace plan.
The average enterprise business with a dynamic website will be looking at costs of between £300 and £500 with Webflow. This makes it a far more cost-effective alternative than large-scale CSMs like Sitecore.
As discussed throughout this article, though, Webflow’s lack of native plugins and integrations will also make bespoke development work more difficult and time-consuming for your agency. This will inevitably drive up the platform’s TCO, and that’s something you should carefully consider when evaluating your options.
WordPress
WordPress is a more cost-effective platform, with a generally low TCO for most businesses. Its open-source nature means it’s free to use, limiting your initial costs to just hosting, agency fees, and post-deployment support. Any plugins or extensions of the platform will be licensed and paid for separately.
Since WordPress is such an intuitive and easy-to-use platform, any bespoke development work you need your agency partner to complete will still come at a reasonable cost. Similarly, whenever the WordPress platform is updated, testing and maintaining your site can be done in just a few hours. This creates a significantly lower TCO than you’d have with almost all other enterprise CMSs.
Make the Right Choice for Your Business
Webflow and WordPress are both good platforms in their own right, with plenty of value to offer. The key thing to understand when making this comparison is that your CMS of choice needs to align with your business’s unique requirements and specific objectives.
For instance, Webflow might be a suitable choice for one of your smaller competitors, but that doesn’t mean it will necessarily be a good fit for you if you need more advanced features and functionality.
Whether you’re developing a bespoke website from scratch, or migrating your existing site to a new platform, you must ensure your CMS can deliver on your needs both now and as your business grows over time.
If you need further help selecting a CMS for your website project, read our comprehensive guide to understanding and evaluating the options for large businesses here.
Would you like these insights straight to your mailbox?
Industry News
14 March, 2025
Google at a Crossroads: Declining Market Share, Stock Slump, and the Future of SEO
For over two decades, Google has been the dominant force in search, shaping the way users access information online. But recent data and a declining share price indicates Google’s once-unquestioned supremacy is beginning to show cracks.
As of January 2025, Google’s market share had remained under 90% for four consecutive months, sitting at 89.78%. This decline marks a significant shift, as prior to October 2024, the last time Google’s market share dipped below 90% was in March 2015. Meanwhile Alphabet, Google’s parent company, has seen its stock price fall 20% (as of March 11, 2025) following a disappointing earnings report and volatility in the US stock market.
While Google remains the dominant player, growing competition from other search engines, AI-driven search alternatives, increased scrutiny over search result quality, and evolving user behaviour all raise serious questions about the company’s long-term future. SEOs, digital marketing professionals and businesses must take note of these shifts and prepare for a changing landscape.
Google’s Declining Market Share: Key Trends
Google’s market share had been above 90% since 2015, but the recent downturn suggests a gradual erosion of dominance. October 2024 marked the lowest point in over a decade (89.34%), highlighting a downward trajectory that coincides with competitors like Bing and Yandex making small but notable gains:
A recent study of UK and US users found 27% now prefer AI chatbots like ChatGPT over traditional search engines. AI-driven search alternatives are altering user behaviour by providing direct answers without the need for traditional search engine result pages as tools like ChatGPT and Perplexity AI, powered by Large Language Models (LLMs), deliver instant, research-driven responses, reducing reliance on Google for informational queries.
This shift to LLMs and AI platforms is underlined by data showing:
In response, Google has started integrating AI into its search experience via the Google Search Generative Experience (SGE), or AI Overviews.
However, reaction to Google’s jump into AI has been mixed, with concerns over bias, accuracy, and its role in increasing zero-click searches, leading to outcry from the SEO world and from companies harmed. Education platform Chegg is suing Google regarding Google’s AI Overviews, alleging AI-generated content is infringing on their educational material. There are numerous examples of AI Overviews providing users with incorrect information, including suggesting users can eat rocks, stick cheese to pizza with glue, and misattributing awards to different musicians, including claiming US indie musician MJ Lenderman has won 14 Grammys, when the true number is zero, which corresponds with a recent Vox Media survey found that 42% of respondents believe Google Search is becoming less useful. While Google’s lead remains substantial, the shift suggests that users are actively exploring alternatives—not just AI tools, but competing search engines as well.
Anecdotal evidence from popular forums like Reddit suggests growing dissatisfaction with Google’s search results. Users have expressed frustration over declining result quality, increased ad placements, and ineffective AI-generated search responses:
But for now, this criticism is not slowing Google down. Recent data claims AI Overviews now appear in 42% of Google search results, and last week Google announced AI Mode, search results pages which now only exclusively show AI-generated results.
The Search Landscape has vastly changed in a short amount of time, with SEO professionals and businesses reliant on Search left no choice but to adapt to these changes. From our recap of BrightonSEO back in October 2024, we reported that when an AI Overview appears in a Google search, organic click-through rates (CTR) drop by 70%. By January 2025, a new study has revealed this estimated CTR decline to have reached 84%.
SEO isn’t dead or dying, but is evolving at a faster pace than we’ve become accustomed to. Declining CTRs due to more AI Overviews means data optimisation is more important than ever, as is having the knowledge and resources to capitalise when opportunities arise.
This evolving search landscape presents both challenges and opportunities for SEO and digital marketing. With AI reshaping user behaviour, businesses must consider multi-platform strategies and optimise for AI-driven search as well as traditional search engines. SEO remains essential, but the rise of AI-driven platforms underscores the importance of conversion optimisation and data analysis. Businesses need to make the most of their traffic, and the utilisation of tools like Google Analytics 4 (GA4) and Looker Studio for tracking user behaviour and refining marketing strategies has never been more important.
Google’s Stock Price Downturn After February’s Earnings
At the time of writing, Google’s parent company Alphabet has seen its stock fall by 20% since its most recent earnings report. Revenue growth in key sectors, including cloud computing, fell short of expectations which fuelled investor concerns as Wall Street firms cut Alphabet’s price target, citing increased competition and AI disruption. This includes Morgan Stanley, J.P. Morgan, Morgan Stanley and Citi. Analysts have explained this is due to tougher year-on-year comparisons in search revenue and anticipated increases in expenditures, such as higher spend on AI to adapt to the changing market.
Google remains the dominant player in search, but its supremacy is being tested as alternative search engines, privacy-focused platforms, and AI tools gain traction. The company is heavily investing in AI and cloud services to counteract market shifts, including plans to increase capital expenditures with $75 billion earmarked for AI development and expansion. Google has also invested $3 billion into Anthrophic, and have been boosted by the Department of Justice recently deciding not to proceed with a plan that would’ve required Alphabet to sell its stakes in AI firms.
Google is heavily investing in AI and cloud computing to maintain its competitive edge, but its cloud division’s underperformance and search revenue expectations raise questions for Wall Street, investors, SEOs and businesses about its long-term dominance. SEOs and businesses must prepare for a future where Google is no longer the sole gateway to online visibility.
Of course, there’s wider geo-political uncertainty and volatility in the stock markets stemming from the policies of the Trump administration. But this sort of stock downturn and decline in market share isn’t a surprise to many within the SEO community. SEOs and businesses crave consistency and stability, and the flurry of sweeping changes from Google over the past two years has provided anything but.
So what does the future hold?
Google’s declining market share reflects a broader shift in how users seek information. While AI-powered search tools and alternative search engines continue to grow, SEO remains crucial. The past year has seen the term Generative Engine Optimisation (GEO) coined, focusing on optimising content for discoverability by LLMs. For marketers and businesses, this marks a wider shift, from not just ranking well in search results, but adapting to the evolution of user behaviour as LLMs continue to gain precedence.
Companies must adapt by:
The search landscape is changing, and businesses that evolve alongside it will be best positioned for success. At SoBold, we can help you navigate these shifts and develop a strategy that keeps you ahead in an AI-driven digital world.
Would you like these insights straight to your mailbox?
Development
9 June, 2023
Craft vs WordPress: Which Platform is the Best Option for Your Business?
When you’re responsible for managing a new website development process, you’ll have some difficult decisions to make. Two of the most difficult decisions will be finding an agency that you can trust, and finding a content management system (CMS) that will give you the flexibility and performance to drive your business forward online.
Your CMS will play a significant role in helping you meet your specific website requirements and enabling you to achieve your strategic goals.
We’ve compared lots of different CMSs in our recent series of articles, and each of them have their own strengths and weaknesses. In this article, we’ll compare WordPress and Craft.
Ease-of-Use
It’s vitally important to ensure that the platform you choose is straightforward to manage. You’ll want a platform that’s approachable, with a low barrier for entry, to avoid any challenges in the daily running of your website.
Craft’s Ease-of-Use
Whilst Craft is an open-source CMS, it requires technical development expertise in order to manage the platform once built. Management for non-technical teams will likely be difficult, thus limiting you in your ability to build out content and new features over time.
If you do have expertise in-house, that will allow you to manage your website more easily, as the CMS itself is efficient for publishing and managing content.
Craft also makes it easy to collaborate and share responsibilities across teams without any interference or complications. For example, you can save draft versions of pages and share them with colleagues – with private links that don’t even require you to be signed in – before publishing live on your site.
WordPress’s Ease-of-Use
Conversely, WordPress is specifically built so that content can be managed in-house. WordPress provides you with a convenient, intuitive user interface (UI) that allows quick and easy publishing, management, and editing of content on your sites.
Put simply, WordPress is a more traditional CMS that’s suitable for a wider range of users and teams. It allows you to easily manage the content on the front-end, whilst also facilitating a quick time-to-market for the development of your website.
This ease-of-use also helps to share responsibilities throughout your team.
Flexibility
Flexibility will always be high on your list of priorities when looking for a CMS. Tailoring your platform to fit your own unique requirements is a crucial capability in today’s digital business landscape.
How Flexible is Craft?
Craft is all code-based, which allows you to build virtually any type of website you want, with great flexibility. The only limitations, really, will be with the platform-specific development capabilities of your agency.
How Flexible is WordPress?
WordPress also offers a great deal of flexibility and customisation, but the difference here is that it’s unlikely you’ll need to alter much about WordPress’s pre-existing tools and features to be able to build a website you’re happy with.
With WordPress, you have everything you need to build a high-performance website. But that’s complemented by the flexibility to make enhancements and seamlessly scale the platform with new bespoke features if you wish to.
Integrations
Before you select a CMS, you’ll need to ensure it can easily integrate with any existing systems your business has in place. Whilst most CMSs will be able to integrate well with a variety of third party systems, it’s important to be aware of any limiting capabilities of the platforms.
Craft’s Integrations
Integrations with the most popular third-party platforms are typically supported in Craft through plugins. However, you may need to integrate manually with platforms using API’s.
While this gives you more control over your CMS’s functionality and security, it’s another area in which you’ll likely have to spend more time and money on agency development work. Those integrations will also need to be maintained and updated manually as well, which may be a financial and time burden on your agency.
WordPress’s Integrations
WordPress’s global popularity means that it’s readily compatible with most of the third-party systems you’ll already have within your business.
You’ll have a wide range of native plugins available that will integrate your WordPress site with virtually any other tool. Even if you have more advanced requirements, it’s usually easier for your agency partner to do this bespoke development work in WordPress than it is with other CMSs.
Developer Communities
Investing in a platform that’s supported by a community of developers will provide you with additional benefits and advantages. It’s always helpful to have other users working to continuously create additions and updates to help the CMS grow and improve.
Craft’s Community
Craft has a passionate community working hard to help enhance the platform, but it’s only a fraction of the size when compared to more mainstream CMSs like WordPress.
Still, size isn’t all that counts here. Craft’s community is very supportive and highly active on channels like Slack and Discord. Craft also has a StackExchange, which is a Q&A forum that many developers use to share learnings as they work through projects.
The WordPress Community
At 20 years old now, WordPress’s popularity and global market share means it has an enormous community supporting it.
WordPress’s community consists of millions of users who work tirelessly to offer support, collaboration, knowledge sharing, events, and much more.
Any questions, problems, or requirements you have are often answered very quickly by members of the WordPress community. This also results in exciting new enhancements and features being released on a near-constant basis to drive the platform forward.
Being part of the WordPress community will also give you access to free events that help users learn to get as much value as possible from the platform.
Cost and TCO
Cost is a key factor when choosing a CMS. It’s also important to remember the up-front costs aren’t the only thing you need to consider here. Since your CMS is a long-term investment, you should be looking for a low total cost of ownership (TCO) for all your related costs over time.
Craft’s Initial Investment and Ongoing Costs
With Craft, you’ll need to purchase either the pro or enterprise plan. Pro comes with a one-time payment of £250 per project, and an additional annual payment to continue receiving updates. The cost of the enterprise plan will vary depending on your requirements and usage.
As mentioned earlier, the costs associated with the platform may also be high. This is due to the need for agency support across many aspects of your project, from setting up your website, to integrations, to ongoing maintenance.
The actual costs of development with Craft may also be higher than with other CMSs because of the smaller scale and more specialist nature of the platform.
It’s also worth mentioning that Craft CMS hosting services are more limited than those of WordPress, again likely making them more expensive.
WordPress Cost and TCO
On the most part, WordPress is a more cost-effective platform than Craft, with a lower TCO.
WordPress is free-to-use, limiting your initial costs to just hosting, development agency fees, and post-deployment support.
As touched on earlier, achieving a much faster time-to-market will allow you to launch a quality website quickly so you can begin gaining strong ROI right away.
Another cost-related benefit of WordPress’s ease-of-use is that if there’s bespoke development work you need your agency to complete, it will usually come at a reasonable cost. Because Craft is such a niche and technical platform, bespoke development work often comes at a premium in comparison to the more widely-used WordPress.
When the WordPress platform receives updates, it’s often fairly quick and straightforward for your agency partner to test and maintain your site.
These advantages add up to create a lower TCO for WordPress than you’ll have with other enterprise CMSs.
Conclusion
Both Craft and WordPress are both great CMSs in their own right, and would serve most businesses. Although, it’s difficult to deny that WordPress is a much more approachable platform than Craft for the average user.
If you’re a team with a great selection of existing development skills, Craft can provide you with some innovative capabilities and could be the right platform for you.
The key thing to remember when making this evaluation is that you should select the platform that directly aligns with your own specific circumstances and requirements.
Every business, and every web development project, is different. Carefully consider your objectives, budget, users, in-house skills, and any other factors that may come into play. That should allow you to determine which CMS is the right one to deliver what you need.
If you need more help finding a CMS for your new website project, read our comprehensive guide to understanding and evaluating the options for large businesses here.
Would you like these insights straight to your mailbox?
Announcement
24 March, 2020
SoBold’s response to COVID-19
In response to COVID-19, we’ve put in place a number of measures at SoBold to make sure we can continue to provide our services to our clients around the world as well as do what we can to help contain the spread of the virus.
It’s helpful to reflect on the fact that we offer a service whereby the performance and outcome of work produced will not be affected at all.
We’ve moved to full-time remote work
SoBold has decided to close our office in London and have our employees work remotely until further notice.
We’re doing this in an effort to help prevent the spread of the virus because, while most SoBold employees are healthy and not in the high-risk category, we appreciate that is not the case for all of those around us, or in the wider community we live in.
We have a responsibility towards these people, including others who work in our building and those we come into contact with during each others’ daily commute.
We’ve set up enhanced support for remote work
We don’t believe it’ll cause much disruption to the rest of the team and business.
Most of our clients, for example, will be familiar with remote meetings; we regularly host virtual meetings between clients and SoBold.
All team members have access to reliable remote conferencing and workflow tools, so they can speak to anyone either within SoBold or outside of the organisation, whenever they need or want to.
This means we can continue to frictionlessly share and work collaboratively cross-functionally, with the ultimate goal of always delighting our clients and partners.
Free support to those directly affected by the closure of their businesses
We want to give back and help businesses and individuals that have been so badly damaged by the closure of their shopfronts, gyms, restaurants and other businesses in the hospitality industry.
We are offering free website help to these businesses during these tough times.
If you would like to get in touch with a team member about this, please email hello@soboldltd.com
Would you like these insights straight to your mailbox?
Digital Business
7 November, 2022
The Top Five Benefits of WordPress for Large Businesses
If you’re responsible for marketing, you’ll be well aware of the importance of a great content management system (CMS) for digital products like your website, mobile apps, staff portals, and so on. You may even need to create bespoke digital processes or systems unique to your business, such as internal training platforms or communications channels.
WordPress is the most popular CMS available today, powering almost 45% of the world’s websites. That popularity is on the rise, too, as more and more businesses realise the vast potential of the platform and the benefits it can deliver.
However, there’s still a misconception that WordPress isn’t suitable for large businesses. That’s no more than a myth, though. In fact, some of the biggest companies in the world use WordPress for their CMS.
But what are the specific reasons why that popularity has spread into the enterprise market over the past decade or so? To answer that question, let’s take a detailed look at the benefits and advantages WordPress offers large businesses:
1 – Scalability and Agility
WordPress is famous for its high level of scalability. However large your company, or the size and complexity of your site – as well as the amount of traffic passing through it – WordPress won’t have any problem managing that load.
Scalability is one of its most prominent advantages for large businesses, because it’s also agile enough to easily evolve and grow alongside your changing requirements.
The platform is more robust than most realise as well, with enterprise-grade performance and speed. This great performance also means user adoption and retention will always be high, helping you drive strong return on investment (ROI) on all the digital products you build.
2 – Flexibility and Customisation
WordPress is equally renowned for its flexibility and customisation, which are particularly useful for complex or bespoke development projects. You can use its flexibility to build bespoke features and functionality into your website or create an entirely unique system from scratch.
In large organisations where company-specific processes and workflows are common within your sites, this makes WordPress a highly beneficial option.
3 – Fast Time-to-Market
Thanks to its simplicity and intuitive usability, WordPress is a very efficient platform to build with. That gives you the advantage of delivering development projects with a very fast time-to-market. This is a significant benefit of any CMS, as it helps you save time, reduce costs, and provides more opportunity to test, iterate, and innovate.
4 – Integration
WordPress is very easy to integrate with other systems. Because most large enterprises have a lot of legacy technology to consider when implementing new systems, this is a huge benefit WordPress has over more cumbersome CMSs.
WordPress also integrates very well with back-end systems that are vital to your daily operations, such as HubSpot, Salesforce, PowerBi, and so on. This minimises disruption to your business while integrating WordPress into your existing tech stack.
5 – Low TCO and Strong ROI
WordPress comes with a very low total cost of ownership (TCO) when compared to other options. Unlike most CMSs, you won’t need to invest heavily in adding new features or capabilities, and you won’t need to worry about expensive extra work to manage upgrades or updates from the platform.
Because WordPress is so agile and rich with dynamic capabilities and features, it’s also proven to deliver strong ROI in both the short and long-term.
From a long-term value perspective, your initial projects won’t just stop at initial implementation, either. As your project or requirements evolve and your business grows, WordPress can seamlessly adapt and grow with you.
Other Points to Consider
It’s important to remember that every business, and every project, is different. While the benefits listed here do make WordPress an excellent CMS, you should still carefully evaluate how well it aligns with your specific objectives, requirements, budget, and other needs.
It’s also important to understand that most businesses will need the support of an agency with platform-specific skills and expertise to help you leverage a CMS to its full potential. As is the case with all platforms, it will be vastly easier to achieve your objectives and gain greater ROI, if you have the support of an experienced specialist partner to guide you.
If you’d like to learn more about WordPress, or need help deciding whether it’s a suitable option for your own requirements, we have a comprehensive guide to evaluating and selecting the enterprise options for a CMS here.