You can also listen to the interview in the audio version.
A year ago, the Czech Avast became the multinational Gen Digital, and Ondřej Vlček became the president of the company, which employs 3,500 people and has sales of 3.85 billion dollars. “A lot has changed. The whole concept was that we’re building a new company, it’s not like one company is absorbing another. There are a lot of changes, both procedural and team. I would say that we are about 80 percent done with the integration,” says Ondřej Vlček in an interview for the program Agenda SZ Byznys.
The company now faces big challenges. “According to various assumptions, up to 90 percent of all content on the Internet will be generated around 2026. Only 10 percent ungenerated. That is already three years from now, so there is a need to have a mechanism that proves the origin of the author. Artificial intelligence is able to make a credible-looking video in a few minutes, but it does not correspond to reality,” says Vlček.
How has your role and job content changed after the merger?
The job description is somewhat similar to the one I had at Avast 6-8 years ago. Only to a much larger and more global position. Today I am in charge of all product, technology, innovation and customer support – i.e. the technical part of the company. Because I’m still a technologist at heart, it’s a job I really enjoy.
Are you more in the Czech Republic or America?
I’m mostly in the Czech Republic, but I usually travel to America once a month.
Already at the beginning of the merger, you announced that you would lay off around 25% of the people. Has this happened yet?
Yes. This part of the integration is done. The overlaps that these two companies had were resolved last year. We currently have about 3,500 people on three continents. North America, Europe and Asia. We have 1,000 people in the Czech Republic – this is admittedly a slightly lower number than Avast had, but on the other hand, the Czech Republic is the largest country of all where we operate.
We are committed to reducing debt
A year apart. Could something have been done differently when connecting to Norton LifeLock? Better? Maybe so that the number of paying users doesn’t drop at the beginning of the year?
That decline was not related to the merger, but rather to the macroeconomic outlook. Great things can always be done better and everyone is a general after a battle, but overall I think what we did was right.
Avast a GEN
- In 2022, the giant merger of former competitors – the Czech Avast and the American NortonLifeLock – was completed. The new internet giant was named Gen. The deal was worth $8.6 billion
- The new company has more than half a billion users.
- From a small company founded by Eduard Kučera and Pavel Baudiš in 1988, Avast has grown into a major global player
- The new company covers all the existing brands – i.e. Norton, Avast, LifeLock, Avira, AVG, CCleaner and ReputationDefender.
- The head of Avast, Ondřej Vlček, holds the role of president in the new company, with responsibility not only for products, development, technology and innovation, but also for customer services.
- In addition to him, the management of the company includes Michal Pěchouček as technical director and Vítězslav Šantrůček as development director.
- On the world market in the field of antivirus, the company competes with, for example, Kaspersky Lab.
From the point of view of economic results, you are doing well now. When will the price of shares that lost a fifth of their value after the merger rise?
We strive to deliver the best products, customer growth, and other metrics that investors care about, and we hope to build that interest over time.
Is the reason a large debt?
Definitely. We perceive that the classic limit even on Nasdaq is three times EBITDA. We now have 3.8 times. Indebtedness was a necessary condition for the whole deal to take place. By fiscal year 2027, we have a commitment to reduce that to below three.
Artificial intelligence has fundamentally changed everything
How much has artificial intelligence changed the market?
Fundamentally. We often say that our biggest competitor is not other companies that deal with cyber security, but attackers. Every day they try to come up with ideas to get around us. Create your pieces so that we don’t catch them. They keep us on our toes all the time. In the last year, this has become significantly stronger with the advent of generative artificial intelligence. There is a huge increase in attacks on people.
Previously, we traditionally distinguished attacks into binary attacks – i.e. viruses and various ransomware that attack devices, and attacks on people that try to confuse and rob them in some way. This second category is now significantly helped by AI. It allows an attacker to create fraudulent messages, SMS and emails much more believably.
What is the ratio of these two types of attacks now?
Today roughly one in three. And we expect that number to continue to grow. Device attacks are and will be on the decline. Man is today the weakest link in the chain. If I put it through the lens of an attacker, a person is able to fail most reliably.
Thanks to AI, you can make a professional attack on the cheap
It has always been said that strikers are one step ahead. But aren’t they a few steps ahead today thanks to AI?
I don’t know how many steps ahead they are today. But it is definitely true that today, thanks to AI, you can cheaply carry out an attack that was reserved for professional hacking groups and highly trained attackers just a few years ago.
A fundamental twist occurred when tools began to be created that would allow the attacker to download data from social networks in some block mode. From a million accounts, they are able to get information about you – where you move, how many children you have – and then use this data for fraudulent messages.
So while in the past a hacker had to be a seasoned pro, today anyone can do it and the number of cybercriminals is on the rise?
You can say that. In the past, a sophisticated phishing attack was only used against investors – it was expensive and took weeks or months to execute. Today, thanks to data from social networks, it is also feasible for the general population. Precisely thanks to generative artificial intelligence.
These are exactly the things that are more difficult to solve today. There are not many effective solutions. Detecting if a given content is a scam is difficult today. In order to solve this problem in the long term, the entire infrastructure will need to be changed. Specifically in audiovisual content, this means that over time it will be completely normal for every legitimate and authorized piece of content to be signed in some way.
According to various assumptions, up to 90 percent of all content on the Internet will be generated around 2026. Only 10 percent ungenerated. That is already three years from now, so there is a need to have a mechanism that proves the origin of the author. Artificial intelligence is able to make a believable-looking video in a few minutes, but it does not correspond to reality.
Real content on the Internet should have a “signature”
How do you not become paranoid about all this?
We are thinking about what could be done about it. We see it as a business opportunity. I think it is a huge problem for the whole society and its stability and for some ties between people. We will have to face this. One of the possibilities is the content authorization. Already today, a consortium of approximately 200 companies has been formed, which is solving how to provide a signature to authentic content so that it cannot be falsified. I hope it will be used before 2026.
Has this all that we describe changed the content of your work?
The difference is not in what we do, but rather in how we do it. Three-quarters of attacks today consist of confusing the user. It’s no longer just about uncovering pieces of the virus, although that’s still the aforementioned quarter of the job. The remaining three quarters are a bit of psychology, because neuroscience also comes into play, how to protect the user as much as possible at a given moment. We thus have much more multidisciplinary teams than 10 years ago.
We have 6-7 core blocks that we want to address. This starts with protecting against AI-led attacks across digital identity networks and content origins. We have a new product in beta in the US. An application that allows the user to verify whether a given piece of content is a scam or not. This can apply to any SMS, email or social media post. Going forward, I think it will be applicable in the real world as well. I take the piece of paper that came to me, take a picture of it and ask the application.