The entities covered by these requirements include <operators of critical information infrastructures> in some sectors (financial services, transport, energy, health), enablers of information society services (notably: cloud computing, e-commerce platforms, Internet payment, search engines, app stores, and social networks) and public administrations.