My guess is that nobody is going to sell coverage for fines that could range up to €20 million that can be assessed under a set of regulations as vague, difficult to follow, and up to interpretation as GDPR.
There's nothing difficult to follow in GDPR... unless you're specifically trying to continue collecting too much personal data while trying to skirt the law.