Geopolitical instability is creating an environment of ambiguous and strategically choreographed tactics that sit between peace and war and which pose a major threat to business operations, according to a report from the Willis Research Network.

Known as gray-zone aggression, it has evolved into a material threat for businesses, disrupting markets, undermining confidence and creating political leverage despite barely registering corporate risk radars five years ago beyond the aviation and shipping sectors. The report warns that today it is shaping geopolitical risk factors, testing insurance policy wordings and the resilience strategies of every major sector.

The report says that executives need to anticipate, adapt and collaborate to strengthen corporate defences and maintain business continuity. It includes a number of recommendations for insurers and businesses, including re-evaluation of insurance wordings triggers and limits to head off the risk of gaps emerging in cover, and elevating gray-zone aggression as an enterprise-level risk through reviews of risk registers and strategy.

It also urges stress testing supply chain resilience through a geopolitical lens, factoring in the need for diversification, route alternatives and friendshoring to minimise the risk of bottlenecks or other disruptions.

Sam Wilkin, director of political risk analytics at Willis, said: “Our societies are only as resilient to gray-zone attacks as their weakest link. The corporate sector must not be that weak link. The past few months of gray-zone attacks in Europe have shown us that strategic foresight, operational readiness and specialty solutions designed to address ambiguity must be baked into corporate risk management programs across business sectors. I hope companies will use the scenarios to challenge traditional boundaries of risk ownership and identify unexpected connections between risks.”

Elisabeth Braw, senior fellow at the Atlantic Council and co-author of the report, added: “Today’s gray-zone tactics exploit the way our economies are connected - and that puts the private sector directly in the line of fire. Hostile countries are targeting companies precisely because doing so creates disruption and uncertainty while at the same time having two distinct advantages: plausible deniability and minimal risk of retaliation.

“This research makes clear that treating gray-zone aggression as a temporary nuisance is a mistake. Organisations that fail to recognise gray-zone activity as a material business risk will find themselves reacting too late, with real consequences for business operations, confidence and resilience.”

---