Rain is falling steadily in Brussels, when I arrive at Le Mess, a fine dining restaurant known for its local and seasonal food. Large windows line the dining room; today they frame a washed-out grey that mutes the room.

I am shown to a quieter corner of the restaurant, where my guest, Major General Pierre Ciparisse, is already seated, tomato juice in hand. Orders are taken without delay. Ciparisse chooses a filet américain, a thoroughly Belgian decision, while I settle for the roasted cod, served with baby spinach, lemon thyme mousseline and a potato purée.

As I ask how he got to where he is today, Ciparisse replies with a smirk. “By car.” The answer lands easily and sets the tone. Despite his rank, he does not hesitate to break with formality. His career in the military started at the age of eighteen: “I entered the Belgian Royal Military Academy, where I trained as an engineer within the armed forces.” He describes the training as “phenomenal”, marked by a strong sense of cohesion and discipline.

His early career unfolded at a moment when military communications were about to change drastically. Trained in telecommunications and transmissions, he started out in design offices before moving into operational units, deploying radio networks in the field. “Security was less about protecting content than about avoiding detection” he explains. Radios were used sparingly, antennas carefully positioned, messages kept short.

The first encounters with the internet came cautiously. “It was just starting,” he recalls. On deployment in the late 1990s, soldiers could exchange emails with their families, though messages were printed, handed out, and replies funnelled through a single connection. “It was a small revolution,” he says.

Two decades later, the pace of technological change has accelerated sharply. Ciparisse traces it through milestones. “The first mobile phones were around 2000. The first iPhone was in 2007. And now we have had five different versions of ChatGPT in three years!” he marvels. “It illustrates the speed of technological development. Things are evolving, and we do not even realise how fast it is happening.”

That acceleration, he explains, has reshaped how armed forces operate. “What we do today simply did not exist back then.” Security, once centred on limiting emissions, now extends far beyond radios. “Nowadays, we are dealing with completely different issues, from cybersecurity to the protection of data and information systems.” As connectivity has spread, so too has vulnerability. Cyberspace, he notes, is no longer just a technical concern but “an operational domain in its own right”, forcing governments to decide not only how operations should be conducted, but also under what authority.

“Cyber is not just a technical issue,” Ciparisse claims. “It raises questions about authority, limits and legality.” As digital operations grow more intrusive, the challenge extends beyond defending networks to who should be empowered to act, and within which framework. In cyberspace, the line between observation and intrusion can be thin, making oversight and legal control as important as technical capability.

In Belgium, that meant making an institutional choice driven by law. Rather than dispersing cyber capabilities across the armed forces, they remained nested within the military intelligence service. “This was not a technological choice,” Ciparisse explains. “It was a legal one.” Intelligence work, he notes, operates within a tightly defined framework, with authorisations, oversight and limits, particularly where privacy is concerned. Directing cyber capabilities from within the military intelligence services makes it possible to act when necessary, but within clear boundaries. “Otherwise,” he adds, “you end up with cyber capabilities that can defend systems, but have no legal leverage to operate beyond that.” It was on this basis that Belgium formally created its Cyber Command in 2022.

In practice, that legal framework shapes how cyber operations are defined and constrained. For Ciparisse, a key distinction in cyber operations is purpose. He reserves the word ‘offensive’ only for operations with clear military intent and desired effects, conducted outside the legal framework of the intelligence services but within the same legal framework of the conventional forces. Nevertheless, much of what happens in cyberspace falls into a grey zone. Identifying a vulnerability, for example, is not automatically an attack. “If I come to the door of your house and check whether it is locked, am I committing an illegal act?” he asks. “If I do not touch it, no. If I force it, yes.” In cyberspace drawing that line is essential -both operationally and legally.

The same pragmatic logic now shapes how Belgium’s armed forces are approaching AI. While we order desserts, two caramelised pears with hazelnut cream and vanilla ice cream, Ciparisse argues that AI is not a rupture but an amplifier – powerful, but not transformative in itself. “It does not fundamentally change what we do,” he says. “It makes things faster.” Used cautiously, AI already supports analysis and intelligence work, from automatic translation to the summarisation of large volumes of information. Its value lies in saving time, not in replacing judgement. “We are in a logic of augmentation,” he adds. “Not replacement.”

That distinction is non-negotiable. In military and intelligence contexts, decision-making remains human. “AI can create a false sense of certainty,” Ciparisse says. Operations, he notes, are defined by incomplete information, and command consists precisely in deciding despite uncertainty. AI can help surface information more quickly, but it cannot assume responsibility. Human responsibility, he insists, cannot be delegated to machines. 

AI also reshapes the threat landscape, though not by introducing entirely new risks. Rather, it amplifies existing ones. Ciparisse points to phishing, disinformation and highly targeted manipulation. “These threats are not new,” he says. “What changes is their scale and their effectiveness.” The same tools that accelerate analysis can just as easily be used to generate “very targeted, very credible messages”, at greater speed and volume. That logic cuts both ways. As AI becomes more central to military and intelligence work, the systems themselves also become targets. Models, training data and processing pipelines must be protected in their own right, extending familiar cybersecurity concerns into new territory. “The cybersecurity of AI itself is essential,” Ciparisse says. “It is not just about what AI produces, but about securing the systems behind it.”

As our desserts arrive, slightly delayed but worth the wait, Ciparisse turns to what he sees as the most serious risk posed by AI: a societal one. Poorly trained or biased models can produce distorted results that are nevertheless perceived as authoritative. “If those results are taken as truth,” he explains, “that is where the real danger lies.” The challenge, he argues, extends well beyond defence, touching education, public debate and the capacity of citizens to exercise critical judgement. “Learning to question what we read and what we are shown is becoming essential.”

Those concerns reinforce the importance of restraint in how Belgium’s military deploys AI. Defence operates in classified environments, handling highly sensitive data that cannot simply be fed into commercial systems. Training and running models requires carefully prepared data, secure infrastructures and tightly controlled access. In practice, this means using segregated or locally hosted systems, or tightly governed cloud environments, designed to keep sensitive data isolated while still allowing limited use of AI tools. “You can control how an environment is used,” Ciparisse notes, “but not always the underlying technology it relies on.”

That tension feeds into a broader European dilemma around dependence. Europe can regulate how technologies are used, but much of the underlying capability remains external. The response, Ciparisse argues, must be pragmatic rather than ideological: diversifying suppliers, investing over time and building credible alternatives without starting from scratch. “We do not really have a choice,” he says. “Either we develop our own capabilities, or we remain dependent.”

Five years from now, Ciparisse does not expect AI to have been “switched off”. The question, he says, is not whether Europe will use AI, but on what terms. “We will not go backwards,” he says. “But we can still choose how we move forward.” Outside, the Brussels rain continues, umbrellas up as people move through the city. Europe, as Ciparisse suggests, faces a similar task with AI: not stopping the storm, but adapting and deciding how to navigate it.

The AI over Lunch interview series is a project part of Virtual Routes’ AI-Cyber Research and Policy Hub. If you would like to sponsor this series, please reach out to hu*@************es.org.

Have someone in mind we should interview? We’re happy to hear your suggestions!