Maintaining and developing a company website is becoming an increasingly complex task. Changing regulations, new technological standards, and the growing scale of cybersecurity threats mean that teams responsible for websites must not only focus on design and performance but also respond continuously to new obligations and risks. Learn how to prepare effectively for the changes ahead and secure your company’s future—read this interview with Adam Basa, founder and CEO of DeveloPress, a WordPress VIP partner.
2025 Brings Major Changes That Can’t Be Ignored. From privacy laws to accessibility requirements and mounting pressure around cybersecurity, this year demands action.
Retargeting Isn’t What It Used to Be – It’s Time to Think First-Party Data
Last year, Google stirred the digital advertising world again by changing its plans to phase out third-party cookies in Chrome—the browser used by nearly 66% of global internet users. Understandably, marketers began wondering how to continue running precision ad campaigns without that tool.
Ultimately, in April 2025, Google didn’t completely disable cookies but announced new privacy settings that give users greater control over who can track them and how. This somewhat calmed the market—but only temporarily. Everyone knows that the external data model is becoming obsolete.
What does this mean for businesses? It’s time to build competitive advantage using data users willingly share—like newsletter signups, profile updates, or shopping preferences. This is known as first-party data. Companies are also turning to zero-party data—information users voluntarily provide, such as through quizzes or offer personalization. Contextual targeting is also gaining traction, allowing ads to match page content without tracking user behavior through cookies.
A key technological response to this shift is Google’s Privacy Sandbox—a set of tools aiming to personalize ads while respecting user privacy. Now is the time to follow these developments and plan strategies based on data that’s compliant and user-approved.
Digital Accessibility – A Legal Requirement Starting June 28, 2025
une 2025 marks the end of the transition period. The European Accessibility Act (EAA) comes into force, imposing widespread obligations on companies operating online to make their websites and apps accessible to everyone—including people with disabilities. While it hasn’t sparked media frenzy like the cookie debate, the impact on business is just as significant.
In Poland, the enforcement of these rules falls to the President of the State Fund for the Rehabilitation of Disabled Persons (PFRON), who can order companies to address non-compliance and issue financial penalties.
The new regulations will affect nearly all online stores, service platforms, and consumer-oriented websites—with one exception: micro-enterprises (fewer than 10 employees and turnover below €2 million) are exempt from full compliance. But that doesn’t mean the topic can be ignored. While accessibility is only recommended for the smallest companies for now, it’s likely to become mandatory in the future. Moreover, as major brands adopt these standards widely, user expectations will rise—affecting smaller sites too. Treat accessibility not as a burden, but as a best practice that strengthens your brand and broadens your reach.
For all other businesses, the requirements are clear: compliance with WCAG 2.1 (level AA). This means improving contrast, enabling keyboard navigation, adding alt text to images, and ensuring performance and stability. An inaccessible website isn’t just a barrier for users with disabilities—it also means slow loading times, broken forms, and unreadable content that frustrates all users. WordPress VIP helps companies meet these requirements by offering accessibility audits, WCAG-compliant implementation, and support in aligning with the EAA.
While implementing these changes requires investment—audits, code fixes, training—ignoring them could be far more costly. Beyond the risk of penalties and reputation loss, there’s the missed opportunity to connect with millions of users currently excluded from your site. Accessibility should not just be a legal checkbox—it should be seen as a way to create a better, more inclusive experience for all users.
Security – The Rising Risk of Cyberattacks and Data Breaches
Cyberattacks are now part of daily business life—and not just for large enterprises. According to Cybersecurity Ventures, global losses from cybercrime are projected to hit $10.5 trillion in 2025, making it the third-largest “economy” in the world after the U.S. and China. A recent example? Coinbase suffered a major breach in May 2025, with attackers demanding a $20 million ransom.
But the real scale of the problem affects smaller businesses and everyday users. Phone-based scams—via SMS or fake calls from “banks,” “couriers,” or “government offices”—are increasing. The goal is to steal personal data or install malware on phones. CERT Polska recently warned of a campaign that took over victims’ devices through fake links.
For businesses, the risks are just as serious: phishing forms, outdated plugins, admin account takeovers, and DDoS attacks can disable websites for hours. And many of these vulnerable sites run on WordPress, which powers over 43% of the world’s websites. Its popularity makes it both a top choice—and a top target.
That’s why more companies are choosing platforms built for demanding environments, like WordPress VIP. It combines WordPress’s flexibility with professional support, security audits, and continuous monitoring—features missing from standard implementations. This approach prevents downtime and incidents that have cost companies like Amazon and Coinbase millions in losses and customer trust.
Today, even a simple form or minor plugin can open the door to an attack. The priority must be building resilience and proactively preparing your organization—not just reacting when incidents occur.
Interview with Adam Basa, Founder and CEO of DeveloPress, WordPress VIP Partner
Where do large companies start when preparing for major changes like the EAA?
Adam Basa: We always begin by understanding where the company stands today. That may sound basic, but many organizations don’t have a clear picture of how their site functions—what slows it down, where errors occur, whether it meets WCAG standards, or how data is collected. So the first step is a comprehensive audit—technical, UX, accessibility, and legal compliance. Then comes the painstaking work of testing, fixing, and implementing accessibility and EAA requirements. But it doesn’t end there. We know websites evolve—so we help companies implement ongoing processes to maintain compliance over time. The goal is to ensure your site stays EAA-compliant, not just on the audit date.
How do you help companies handle security, given that even major platforms like WordPress are frequent targets?
A.B.: That’s true—WordPress’s popularity is its strength, but also its vulnerability. What matters isn’t just what WordPress runs on, but how it’s built and managed. Great hosting alone isn’t enough if the site is patched together with random plugins and makeshift fixes held together with “duct tape.” Large companies can’t afford technical shortcuts or lack of expert support. That’s why more are choosing WordPress VIP—an audited platform with continuous monitoring and a proactive security team. We don’t just help clients adopt this model—we also support them day to day, ensuring their websites are secure, stable, and developed with best practices in mind.
So does every company need WordPress VIP, or are there alternatives?
A.B.: Not every company. Small businesses likely don’t need such an advanced setup. But any company that’s scaling, investing in content marketing, running campaigns, or handling heavy traffic should think beyond just “having a website.” WordPress VIP is a full system for managing content, performance, and security that grows with your business. TIME, Capgemini, Salesforce, and Spotify all use it. And we help companies in Poland implement it properly—securely, strategically, and with a long-term view.
Conclusion
2025 will be tough on teams responsible for website development and maintenance. The end of easy retargeting, new legal accessibility obligations, and mounting cybersecurity threats—these are challenges that won’t disappear and won’t wait. They require not only better tech—but a new approach to daily work.
Companies that treat these changes not as a burden, but as a chance to reorganize and build a stronger foundation, will emerge stronger. With sites that respond faster to marketing needs, technology ready for the next few years, and—most importantly—greater user trust.
This article was published in June 2025 in Nowy Marketing, as part of a campaign led by DeveloPress.
