diff --git a/deploy/cert-manager-ibm-cis-webhook/templates/networkpolicies.yaml b/deploy/cert-manager-ibm-cis-webhook/templates/networkpolicies.yaml
index 2cb4c24..001bc88 100644
--- a/deploy/cert-manager-ibm-cis-webhook/templates/networkpolicies.yaml
+++ b/deploy/cert-manager-ibm-cis-webhook/templates/networkpolicies.yaml
@@ -27,12 +27,13 @@ metadata:
 spec:
   podSelector:
     matchLabels:
-      app: {{ include "cert-manager-ibm-cis-webhook.name" . }}
+      app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
   policyTypes:
   - Ingress
   ingress:
   - from:
     - podSelector: {}
+    - namespaceSelector: {}
     ports:
     - protocol: TCP
       port: {{ .Values.containerPort }}
@@ -44,9 +45,23 @@ metadata:
 spec:
   podSelector:
     matchLabels:
-      app: {{ include "cert-manager-ibm-cis-webhook.name" . }}
+      app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
   policyTypes:
     - Egress
   egress:
     - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-egress-to-cis
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "cert-manager-ibm-cis-webhook.name" . }}
+  policyTypes:
+    - Egress
+  egress:
+  - ports:
+    - port: 443
 {{- end }}