Cyber insurance is a relatively new product whose development was inevitable due to the omnipresent development of technology and smart devices. Because of the inherent characteristics of cyber risk, which is insured with cyber insurance (it is systemic, correlated, intangible and dynamic), the insurance companies are not inclined to providing a wide coverage. Lack of standardization and uniform definitions of terms in insurance contracts prevent further development of cyber insurance market. This is the case in both, stand alone cyber insurance contracts and non-affirmative insurance contracts, among which commercial general liability contracts are the most common. The selected cases from the US case law confirm confusion in the cyber insurance market and show that, to a large extent, the coverage depends on the particular circumstances of each case and the wording of insurance contract, especially exclusion clauses. For further development of cyber insurance, cooperation between states and insurance companies is important. They should work together to maximize the number of cyber insurance contracts with broader coverage, because the preventive measures, which the insurance company imposes on the insured when concluding the contract, have a positive impact on cyber security as a public good.