WordPress in 2015

(Nate Wright) #1

I’ve read two interesting posts with preditictions/thoughts about WordPress in 2015. Thought I’d share them and see if anyone else has come across some good ones.

Noel Tock from Human Made
WordPress in 2015

Tim Nash (developer-centric)
Tim’s 2015 WordPress Predictions

(Leland Fiegel) #2

Didn’t see the Noel Tock article, really liking what I’m seeing as far as custom dashboards and front-end editing go.

From the Tim Nash article, one thing stood out to me:

At least 1 major commercial plugin will suffer a catastrophic security bug, forcing the closure of the plugin/company behind it.

Catastrophic security bugs are pretty much inevitable these days, but when has that forced the closure of a business? Several WP-related examples have kept chugging along. Not to mention the Sonys of the world. But maybe that’s not what Tim considers “catastrophic” enough.


(Nate Wright) #3

It’s probably pretty difficult to predict such a thing. But I think probably part of what Tim is getting at is the frailty of a lot of WordPress product businesses. Many of them are all-in with one or a few products. Others may be bringing in just enough to keep the lights on. If iThemes was built entirely on a single product in a crowded niche, and handled their security issue more poorly, would they have survived their troubles this year?

It’s impossible to say, but I think probably a lot of business’s are in a much more fragile position and might not survive a significant attack on their reputation.

I often wonder what one major, negative review of my shop would do to my fledgling sales. Maybe not much. Sometimes I get the impression that buyers are just not paying any attention to anything. But it’s hard to know and it definitely puts me on edge until I can build up a solid reputation.

(Tim Nash) #4

Almost an exact comment appeared on blog this morning wondering why I thought business would close when so many this year managed to come out the other side. I didn’t go into two much detail but the reason for the expectation of closure is multiple factors.

I need to find the source to quote, but UK government report from 2013 determined hundreds of small businesses had closed in the 2010-2012 period due to what it called “Cyber attacks and security vulnerabilities” this figure was growing and the majority of these companies were in the IT sector. The main reasons for closure included:

  • Loss of consumer confidence
  • Loss of vendor confidence
  • Cash Flow issues
  • Litigation

The lack of confidence which I think most people think about during these things, is actually the easiest to manage, because it’s something you can proactively do and ultimately boils down to good communication.

Cashflow on the other hand is not normally something a company especially a small one has as much control as they would like. This is the real killer, most WordPress companies are not large, even our larger agencies are still small/medium businesses with a couple of larger companies. While it’s not true for everyone a large portion of WordPress “companies” are not cash rich, they are either expanding rapidly, shrinking rapidly or stagnating. It’s unusual to see steady growth within WordPress world currently (though there are exceptions).

Consequently when something bad happens, a business may not have the money to hire the expertise they need to get back up. Some will have those already an advantage of being a technical sector but not all. Cost of dealling with a hack can easily be 5 digits and even with the best will in the world you will be hit with some loss in consumer confidence denting any growth short term.

The really small might survive with head in sand approach, the larger will survive on reserves those stuck in the middle. And here’s the kicker, those who do everything right, who formed the company, pay the taxes, pay insurance, pay the security firm to make sure its safe etc. They are the ones who get hit hardest.

The final area is one where I’ve not heard of a WordPress company being hit yet at least not for a security breach and that’s litigation.

Both from consumers but more likely from a government dept such as the ICO (Information commissioners office) here in the UK. Data breaches can cost a fortune in fines, which come on the back of any other money paid out. Investigations are time consuming and costly regardless of the outcome. While the ICO does not make a habit of going after small businesses it has targets like everyone else. If you are the unlucky business that lands on the officers desk at the wrong time of the month then your size doesn’t matter.

Here’s the second kicker, because you are a small to medium size biz, without corporate legal council on staff you can’t get around the red tape put it off etc as larger companies can. So while you won’t be sitting with large fines and bad press you have a significantly higher chance of being found guilty even though you may well have far stringent practices of larger companies.

Made worse because (at least in the UK) if you had any practice in place then it’s the shortfalls not in what happened but in your agreed practices and paper work that matters. Most businesses could take every precaution but without supporting paper trail be deemed to have taken none.

It get’s worse, that insurance you took out, probably doesn’t cover such investigations, and insurances companies often won’t pay out without the correct paperwork. This has left me in the most uncomfortable position in the past where I’ve been having to report to the insurance company procedure hadn’t been met due to lack of associated compliance documentation, where the business had taken very reasonable precautions and a bit of bad luck and a grumpy ex employee caused all the issues. It’s a horrible circumstance to be in and is an unpleasant moment when you know they did things right, but some guy in an office is about to invalidate their insurance.

So that’s all very generic, why do I think it’s going to boil down in 2015?

Well we have a lot of small businesses in the WordPress world most are still bedroom spare time projects. A few are migrating to forming companies etc, this trend appears to be growing.

The technical expertise and barrier to entry seems to be lowering. These companies are no longer developer focused but often very sales focused with limited technical support.

More and more e-commerce focused plugins and companies are forming around WordPress, most with limited understanding of where their liability stops or indeed any understanding of the compliance issues.

Certainly in the EU litigation and compliance are becoming a greater threat to companies.

The combination of factors, means we are likely to see small fast growing, not cash rich companies, in the EU doing the right thing. While also seeing an increase of security vulnerabilities both within software and on sites.

It’s a building storm and one that feels inevitable.

To give you some background on where I’m coming from, I worked in e-commerce sector and have worked alongside PCI Accessors and for underwriters providing expertise on e-commerce and security. My former company also built one of the first commercial plugins for WordPress, which was membership software with all the legal joys, and massive insurance premiums providing software that powers peoples businesses with over $1m/month processing from our combined customers (not us sadly) through goes.

(Nate Wright) #5

And now I’m even more nervous. :slight_smile:

(Brin Wilson) #6

I predict smartphones will take over the internet and 9/10 people will be viewing websites created with WordPress (or otherwise) either on mobile devices or not at all! People will generally only be visiting about fifteen websites* (YouTube, Facebook, Twitter, Amazon, eBay, Wikipedia, Instagram, Pinterest…) and when they’re not they’ll be searching for either “kittens”, “puppies”, “sex” or “funny” (note: combinations also possible)! They’ll still be a few of us actually writing things online using laptops/desktops but even we’ll begin to lose faith in it all by about 2016…

*they’ll probably have them all bookmarked on the homescreens of said mobile devices. :wink:

(Brin Wilson) #7

(post withdrawn by author, will be automatically deleted in 24 hours unless flagged)