I was wondering who this would apply to, and found this from another source:

"The directive covers 'essential entities' and 'important entities'.

Essential organisations will generally have a minimum of 250 employees, annual turnover of at least €50m or a balance sheet of at least €43m.

The essential sectors include energy, transport, finance, public administration, health, space, water and digital infrastructure.

Important entities will generally have a minimum of 50 employees, annual turnover of €10m or a balance sheet of €10m."

https://www.rte.ie/news/business/2024/1012/1475023-eu-cybers...