SECURITYWEEK argues that the traditional Security Operations Centre is obsolete because threats now move at machine speed, outpacing human-centric SOC workflows. The piece notes that attackers are deploying AI-powered techniques, with Google’s Threat Intelligence Group confirming that cybercriminals are using AI-enabled malware that rewrites itself during execution, a development described as a watershed shift.
It cites PROMPTFLUX, which uses real-time interaction with Google’s Gemini model to regenerate its VBScript payload mid-attack to evade detection, and Anthropic’s reported disruption of AI‑orchestrated cyber espionage campaigns. Data from Google/Mandiant’s M‑Trends 2026 is cited to suggest exploitation can occur before patches are released and that lateral movement hand‑offs can take only seconds.
The article argues that the SOC of the future must be data-complete and AI-native, with human analysts focusing on oversight while autonomous systems handle detection and response. Written by Danelle Au and dated 12 May 2026, it frames sovereign architectures as the next step for cybersecurity to keep pace with adversaries. according to Google’s Threat Intelligence Group