diff --git a/common/playbooks/k8s.yaml b/common/playbooks/k8s.yaml
index f65da34023b1f10a62a08cae2fe897dfc3e50f4f..395faf1abeaf8eb83a8d629d742fd8c431d781c3 100644
--- a/common/playbooks/k8s.yaml
+++ b/common/playbooks/k8s.yaml
@@ -362,7 +362,7 @@
           --set controller.addHeaders.X-Content-Type-Options=nosniff
           --set controller.addHeaders.Referrer-Policy=no-referrer
           --set controller.addHeaders.Permissions-Policy="geolocation=()"
-          --set controller.addHeaders.Content-Security-Policy="frame-ancestors 'none'"
+          --set controller.addHeaders.Content-Security-Policy="frame-ancestors 'none'; report-uri /hub/security/csp-report; default-src 'self'"
           --version={{ version }}
       shell: |-
         helm status --namespace kube-system cluster-ingress