The ongoing conflict between the US and Iran has brought cyber risks back into the spotlight for insurers, brokers, and businesses around the world. While the fighting is far from many insured companies, the situation is raising new concerns about the chances of routine cyber weaknesses being found and exploited, potentially leading to insurance claims.
Experts in cyber risk have shared different views on how this conflict is changing the landscape. Scott Walsh, a security researcher at Coalition, says there is a clear shift in the threat environment. He points to a significant rise in cyber scans and probing from Iranian IP addresses, particularly targeting remote access tools like VPNs and Remote Desktop Protocol. These are the kinds of entry points attackers often use to get into systems. His team noticed a big spike in these activities around mid-February, suggesting this isn’t random noise but deliberate efforts to find vulnerabilities. For insurers and brokers, this signals a greater chance that old system weaknesses could cause real losses.
Walsh urges companies to take these warning signs seriously by improving security on remote access points, monitoring public-facing systems more closely, and practicing incident response plans. From an insurance perspective, he believes carriers will likely respond by tightening underwriting standards, especially around shared cloud services and policies covering state-linked cyber incidents.
On the other hand, Scott Bailey, head of global cyber underwriting at CFC, offers a more cautious view. He says that although there’s a rise in low-level cyber activity and some headline-grabbing incidents, the overall risk landscape for most businesses hasn’t changed much. According to him, the bulk of threats during geopolitical tensions are noisy but not necessarily more dangerous. The most damaging attacks tend to target government bodies, critical infrastructure, or companies directly involved in conflict areas—not everyday small and medium-sized businesses.
Bailey emphasizes that the main risks still come from familiar sources, like phishing, stolen credentials, and outdated software. He advises brokers to reassure their clients that despite the tense geopolitical situation, basic cyber hygiene remains the best defense. Instead of stoking fear, this period should reinforce the importance of simple but effective security measures.
Together, these views suggest that while the conflict is indeed stirring the cyber threat pot, the key for insurers and brokers is to balance awareness with practical risk management. Keeping a close eye on emerging threats without overreacting can help ensure policies and protections stay relevant without unnecessary alarm. The situation shows the importance of clear communication about cyber risks linked to geopolitical events, making sure the current surge in digital activity doesn’t turn into tomorrow’s insurance headaches.