Is Open Source hindering the evolution of the net?

By Gary Roberts, CRO, Forrit.

  • Friday, 17th May 2024 Posted 6 months ago in by Phil Alsop

The beauty of our internet is its ongoing evolution. Since the 1990s, we have moved through several iterations of the web. From the informational era (Web 1.0)  of static websites, limited interactivity and dial-up connections - where the internet was designed to disseminate information through the birth of search engines. Fast forward to Web 2.0, the social web, in the mid-2000s that introduced us to dynamic and interactive content, rich internet applications, social media and collaborative user-generated content. It is on the cusp of an exciting new era, one that holds the promise of a more powerful web than we've ever seen.

Web 3.0 is anticipated to provide greater intelligence, automation and personalisation capabilities, and is set to revolutionise communication and content creation. Brands will be empowered to leverage technologies such as the metaverse and AI to create immersive, decentralised, and interconnected virtual experiences. 

But what will it take to get there?

Is the internet fit for purpose?

It's no surprise that marketing and IT leaders are buzzing with excitement about the possibilities of innovations such as Web 3.0, the metaverse and AI. They see the potential to elevate their online presence and boost their bottom line. However, there’s a challenge: their current web platforms are holding them back from fully embracing this future. Security issues, open-source vulnerabilities, ungoverned sites, and outdated CMS systems are all contributing to the unravelling of the web.

How do we know this?

At Forrit we conducted a comprehensive survey involving more than 500 key IT and marketing decision-makers to understand the challenges hindering the evolution of the internet. The results are worrying. While a majority (89%) of respondents expressed optimism regarding the transformative potential of Web 3.0 and the metaverse in reshaping how we interact online, a staggering 87% harbour concerns that the present condition of the internet will impede the realisation of these innovations. 

There are some clear concerns regarding the technologies and CMS platforms used by brands to enhance their digital presence, namely websites and third party plug-ins. Our findings reveal a pervasive reliance on CMSs vulnerable to security breaches and lacking scalability, even within highly regulated sectors. This is with CMS solutions relying on open source and organisations utilising multiple legacy or isolated layers of web management platforms.

Our survey indicates that more than half of respondents (57%) admit to the presence of security flaws on their websites. Such vulnerabilities can profoundly impact brand loyalty, as highlighted by over 84% who acknowledge that customers would lose trust in the brand upon discovering these security flaws.

These obstacles are likely to result in heightened platform outages, an increase in the exposure of existing security weaknesses, with potentially disastrous consequences, and render the web practically unusable. Forget Web 3.0 - we have coined  the future of the internet "Web O.No" - the grim reality of the direction our internet is heading. The widespread adoption of Web 3.0, AI, the metaverse, and the promising innovations envisioned for the future remain uncertain until businesses can streamline their web assets and steer clear of the risk of Web O.No.

Integrating CMSs for a joined up approach

The use of multiple CMSs significantly amplifies the vulnerabilities in website security. Our survey has revealed a shocking statistic: a significant 9 out of 10 (88%) enterprises are involved in managing more than one CMS. The concern arises from the fact that deploying multiple CMSs leads to an increase in administrators and vendors, thereby introducing numerous weak points into the system architecture.

The reliance on multiple CMSs or outdated systems presents a formidable challenge to web governance. This has resulted in a concerning trend known as CMS sprawl, which makes it increasingly difficult for IT teams to manage and monitor the various systems within the organisation. For example, ensuring regulatory compliance and standards across the system architecture becomes a burdensome and resource-intensive task.

Our research highlights this concern: just over one-third (34%) of respondents admit that managing multiple content management platforms compromises their control over website content. Furthermore, nearly half (47%) express uncertainty regarding the number of individuals who have access to the site and/or the ability to upload content. Similarly, an equivalent percentage of experts (48%) confess to being unable to comprehensively track every web page and, consequently, the extent of content across their websites.

Additionally, organisations face the risk of outages, malfunctioning interfaces, and the presence of harmful content hidden within overlooked pages of reputable websites when utilising multiple website management systems. Alarmingly, 44% admit to relinquishing control over website content directly as a result of this practice.

When open source goes awry 

Open source licences are created to promote collaboration, knowledge sharing, and foster a culture of collective innovation and creativity. However, this is exactly what makes open source solutions vulnerable.

Open source projects are often built by anonymous third-party developers and rely on shared source code. This code includes plug-ins, which are essential for open source platforms to function. Plug-ins provide entry points for hackers to gain access to open source platforms, exposing businesses to serious cybersecurity risks.

CMS plug-ins can be used to exploit and manipulate open source projects, allowing malicious actors to gain access to widely deployed projects and infiltrate enterprise networks.

This vulnerability has become a major concern among C-suite execs. Take the recent XZ backdoor, for example. With millions of devices affected, the consequences for businesses can be devastating.

Composing a viable web

Building multiple content management systems on top of each other creates an unmanageable website ecosystem that IT and marketing teams simply can’t handle. The lack of visibility in their web presence means teams don’t know how many CMSs they need to manage.

In order to regain control of their websites and strengthen their online security, businesses need to move away from Open Source CMS platforms and towards a unified Composable CMS. According to our survey, 89% of businesses believe that moving to a composable architecture is the best way to protect their digital assets in the future. Unlike traditional non composable CMS, which constrains businesses within rigid frameworks, a composable platform offers flexibility and versatility. Organisations can incorporate breakthroughs like AI into their internet properties with composable CMSs. With modular components, businesses may easily adapt their digital environment to changing requirements, reducing the likelihood of service disruption.

A closed-source, composable CMS provides enterprises with the flexibility and innovation that open source solutions offer, without sacrificing data security or confidentiality. There is a bright future for the internet and emerging technologies that are shaping it, but it won’t be possible for businesses to reap the full benefits until we address the disruption within our existing internet infrastructure. If we don’t act now, we run the risk of detransitioning from a Web 2.0 to a “Web O.No”.

By Kashif Nazir, Technical Manager at Cloudhouse.
By Terry Storrar, Managing Director at Leaseweb UK.
By Manuel Sanchez, Information Security and Compliance Specialist, iManage.
By Peter Hayles, Product Marketing Manager at Western Digital.
By Richard Eglon, CMO, Nebula Global Services.
Anita Mavridis, VP of Product at Zivver, and Sue Musumeci, Director of Quality & Clinical Informatics at Chronic Care Staffing, explore practical...
By Graham Jarvis, Freelance Business and Technology Journalist, Lead Journalist – Business and Technology, Trudy Darwin Communications.
By Krishna Sai, Senior VP of Technology and Engineering.