There's much speculation on Iran's plans in response to heightened world tensions and what it might mean in the cyberspace domain. We've already witnessed an Iranian kinetic response on U.S. assets in Iraq, so it's worth assessing whether we're experiencing cyber fear-mongering or if companies and governments should take steps to help protect themselves if needed.
The key is to ascertain if it is a viable threat. "Threat" is a combination of motivation, willingness and capability. In this case, seemingly, Iran wants to strike back at U.S. interests (motivation); believes they have little to lose, with max sanctions already in place, and much to gain (willingness); and Iran is known to have attack tools at their disposal (capability).
Recall in 2012 the Iranian hacker groups, allegedly working on behalf of the Iranian government, who conducted distributed denial-of-service attacks against dozens of American banks, as well as attempting to seize control of Bowman Dam outside New York City.
Those who raise the threat of an Iranian cyberattack as a possible or likely response in 2020 are not recklessly beating the drum.