diff --git a/CHANGELOG.md b/CHANGELOG.md
index 130bdce0cc1..3769b745b85 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -220,8 +220,8 @@ Adding a new version? You'll need three changes:
   [#6759](https://github.com/Kong/kubernetes-ingress-controller/pull/6759)
   [#6780](https://github.com/Kong/kubernetes-ingress-controller/pull/6780)
 - Added the flag `--secret-label-selector` to set the label selector for `Secrets` to ingest.
-  By setting this flag, KIC will choose secrets that has this label set to "true",
-  it can mitigate the memory usage in scenarios with a large number of giant secrets.
+  By setting this flag, the secrets that are ingested will be limited to those having this label set to "true".
+  This can reduce the memory usage in scenarios with a large number of giant secrets.
   [#6795](https://github.com/Kong/kubernetes-ingress-controller/pull/6795)
 
 
diff --git a/internal/controllers/configuration/secret_controller.go b/internal/controllers/configuration/secret_controller.go
index 06f1450714e..a45741777c7 100644
--- a/internal/controllers/configuration/secret_controller.go
+++ b/internal/controllers/configuration/secret_controller.go
@@ -65,7 +65,7 @@ func (r *CoreV1SecretReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		labelPredicate, err = predicate.LabelSelectorPredicate(metav1.LabelSelector{})
 	}
 	if err != nil {
-		return fmt.Errorf("failed to create label selector predicate: %w", err)
+		return fmt.Errorf("failed to create secret label selector predicate: %w", err)
 	}
 
 	return ctrl.NewControllerManagedBy(mgr).
diff --git a/internal/manager/config.go b/internal/manager/config.go
index e769e76297e..0ef75563462 100644
--- a/internal/manager/config.go
+++ b/internal/manager/config.go
@@ -131,10 +131,10 @@ type Config struct {
 	GatewayAPIReferenceGrantController bool
 	GatewayAPIGRPCRouteController      bool
 
-	// KIC can only reconcile the specified Gateway.
+	// GatewayToReconcile specifies the Gateway to be reconciled.
 	GatewayToReconcile OptionalNamespacedName
 
-	// KIC can only cache secrets resources with specified label.
+	// SecretLabelSelector specifies the label which will be used to limit the ingestion of secrets. Only those that have this label set to "true" will be ingested.
 	SecretLabelSelector string
 
 	// Admission Webhook server config
@@ -284,7 +284,7 @@ func (c *Config) FlagSet() *pflag.FlagSet {
 	flagSet.Var(flags.NewValidatedValue(&c.GatewayToReconcile, namespacedNameFromFlagValue, nnTypeNameOverride), "gateway-to-reconcile",
 		`Gateway namespaced name in "namespace/name" format. Makes KIC reconcile only the specified Gateway.`)
 	flagSet.StringVar(&c.SecretLabelSelector, "secret-label-selector", "",
-		`KIC can only cache secrets resources with specified label. If not specified, KIC will cache all secrets. If specified, KIC will only cache secrets with the specified label and a value of "true".`)
+		`Limits the secrets ingested to those having this label set to "true". If not specified, all secrets are ingested.`)
 	flagSet.BoolVar(&c.KongServiceFacadeEnabled, "enable-controller-kong-service-facade", true, "Enable the KongServiceFacade controller.")
 	flagSet.BoolVar(&c.KongVaultEnabled, "enable-controller-kong-vault", true, "Enable the KongVault controller.")
 	flagSet.BoolVar(&c.KongLicenseEnabled, "enable-controller-kong-license", true, "Enable the KongLicense controller.")