This chapter discusses the common exclusions found in cyber insurance policies, such as acts of war, insider threats, and pre-existing vulnerabilities. It explains why these exclusions exist and how businesses can mitigate the risks associated with them.