With Ukraine’s national bank, state power company and largest airport having all been targeted by malicious cyber activities, there is little doubt about the link between the security of critical infrastructure and human development. Such attacks are even more worrying when they form an element of a hybrid conflict between states, increasing the risk of escalation. And yet, strengthening the security capacities of state actors in the cyber domain is still an unorthodox issue on the development agenda.

This is despite the explicit inclusion in the UN’s 2030 Agenda for sustainable development of building resilient infrastructure (Goal 9) and the promotion of peaceful and inclusive societies for sustainable development (Goal 16). In this sense, the decision by the OECD Development Assistance Committee (DAC) not to include contributions to the NATO Cyber Defence Trust Fund in a recently updated Official Development Assistance (ODA) Casebook on Conflict, Peace and Security Activities represents a missed opportunity to clarify the link between defence and development in the case of cyber defence capacity building.