Almost a Third of Leading Company Websites Face Weekly Cyber Threats

Storyblok Research Uncovers Alarming Frequency of CMS Security Issues in Major Enterprises.

In a stark revelation, new research by enterprise Content Management System (CMS) provider Storyblok indicates that 32% of major company websites grapple with fresh cyber threat issues on a weekly basis. The study sheds light on the pervasive cybersecurity vulnerabilities haunting even the world’s most prominent business platforms.

Surveying Cybersecurity Concerns

Storyblok conducted a survey involving 530 professionals actively using a CMS across the US, UK, Germany, Sweden, and the Netherlands. The key insights from the research are as follows:

- Security Worries: 69% of UK professionals express concern about the security of their CMS, surpassing the global average of 64.3%.

- Priority on Security: An overwhelming 80% deem security as extremely or very important when selecting a CMS.

- Frequency of Issues: A concerning 32% report encountering new security issues with their CMS every week, and for 7%, it's a daily occurrence.

- Impact on Content: Almost half (46.4%) had a CMS security issue affecting their content.

- Security Updates: 21.7% conduct security updates 5-9 times per month.

ISO 27001 Certification for Storyblok

Addressing these cyber threats, Storyblok announces its ISO 27001 certification from TÜV Rheinland, an independent third party. This certification attests that all aspects of Storyblok’s products, operations, support processes, and data storage adhere to the highest international security standards.

High Costs of Security Lapses

Security lapses continue to extract a hefty toll on enterprises. According to Forrester's report, "The Four Tenets Of SaaS Application Security And Protection," the costs of insufficient data protection in a SaaS application can exceed $3 million to $3.5 million per incident.

CMS Vulnerabilities: A Perennial Challenge

Many CMS platforms, often open-source, are inherently vulnerable, presenting a considerable challenge for security. The absence of a central authority accountable for identifying and patching CMS security vulnerabilities exacerbates the situation. Open-source platforms, while fostering collaboration, can lack robust accountability for security issues, leading to critical vulnerabilities.

Rethinking Security Solutions

Dominik Angerer, Co-Founder and CEO of Storyblok, acknowledges the notorious reputation of traditional CMS for security concerns and emphasises the significance of obtaining the ISO 27001 certification. He asserts that Storyblok ensures enterprises using their CMS operate on the most secure, enterprise-grade headless CMS available.

Implications for Enterprises

Security emerges as a formidable challenge for modern enterprises. The three most prevalent CMS platforms—WordPress, Joomla, and Drupal—support over 75% of all CMS-powered websites. According to a Sucuri study, WordPress is deemed the most vulnerable CMS, followed by Joomla and Drupal.

Storyblok's research underscores the prevalence of CMS security breaches in major enterprises, prompting a need for innovative solutions. Enterprises may need to explore alternatives, such as adopting a headless CMS approach, to mitigate vulnerabilities and bolster their cybersecurity posture.

A message from our sponsors, The Ideas Distillery: 

If you would like to look at how to implement an ISO 27001 information security management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).