The legislation mainly applies to “Essential Service Providers” (“ESP’s”) as well as Digital service providers. These service providers (to be designated by the countries’ authorities) will also need to be compliant. Europe is aiming for a high and common level of security of network and information systems for all ESP’s because they are so important for the security and economy of a country.