Many Websites Not Nearly as Secure as Website Managers Think, According to New Findings

New survey suggests that confidence regarding security protocols is significantly out of step with best practices, leaving many websites vulnerable to cyber attacks.

WASHINGTON, DC, May 16, 2017 — Although 80% of individuals responsible for building and/or maintaining a website believe their websites are secure, many admit their sites lack basic security measures and say they have no plans to implement stronger ones, as revealed in a survey conducted by Clutch, a leading research and reviews platform for business services.

The survey of 302 builders and maintainers of personal, business, and other websites identified several ways that their websites have been compromised. Nearly a third (30%) report being the victims of email phishing; 22% have been victims of identity theft; and 18% have experienced a hack or ransomware, such as the WannaCry attack that swept through over 150 countries last week.

Despite the growing prevalence of these kinds of attacks, 54% of respondents believe that they haven’t experienced security liabilities. Experts warn that the number of compromised websites is likely much higher.

“Many people won’t know that they’ve been hacked, or that there was a security breach,” said Kevin Ng, a web developer and partner at Wildebeest, a product studio that creates custom software. “The best attack is one you don’t know about.”

A range of 26% to 63% of respondents (depending on the specific security protocol) admit they do not currently take advantage of common tools such as password protection, 2-factor authentication, and network security.

Only half of respondents for example, say they update their applications and software when prompted. Among those who don’t currently install regular updates, only 18% say they plan to do so in the future.

Nick Damoulakis, president of Orases, a full-service, digital technology agency says many of his clients seek help building a more secure website only after their original site becomes unreliable or suffers a hack.

“Many of our clients’ expectations weren’t set up from the beginning in terms of the maintenance of those sites,” said Damoulakis.

The risks of inadequate security come in two primary forms: operational and reputational damage. Experts point out that no website is too small a target; many hackers use smaller websites as stepping stones to wage attacks against customers or clients.

To minimize security gaps, Clutch recommends that website managers implement tools such as password managers, and conduct regular security audits.

To read the full report and source the survey data visit:

For the raw data, a quotation on the findings, or an introduction to the experts interviewed for this report, contact Michelle Delgado at

About Clutch

A B2B ratings and reviews firm in the heart of Washington, DC, Clutch connects you with the agencies and software solutions that can help you enhance your business and meet your goals. Our methodology maps agencies and software solutions based on customer reviews, the type of services offered, and quality of work.


Michelle Delgado

(202) 869-3866