Cyber risk, namely the risk of cyber attack and data fraud/theft, has been identified as one of the risks of highest concern to commercial entities around the world. A defining characteristic of cyber risks is that they are not constrained by geographic boundaries, making it less likely that perpetrators will be identified and more likely that sophisticated protective measures are required. It is undeniable that cyber risks pose a greater risk to small and medium sized (SME) business given that they might not have the know-how and means to protect themselves against such risks. In this context, cyber risk insurance can be utilised as a risk management tool by SMEs but cyber risks insurance is a relatively new product, and there is evidence to suggest that SMEs either do not purchase adequate cyber cover to protect their business interests or the types of insurance cover purchased do not provide adequate cover. The purpose of this project, led by Prof Baris Soyer and Dr George Leloudas, (funded by Research Wales Innovation Fund) is to test the accuracy of this hypothesis through interviews with SMEs across Wales. The ultimate aim of this study is to produce guidelines for SMEs as to how they could maximise the cyber cover that they can obtain from the market and thus utilise cyber risk insurance as an effective risk management tool against cyber risks.