The implementing act provides rules that further specify elements and parameters for setting the security and notification requirements for digital service providers (i.e. cloud computing services, online marketplaces and search engines) in the EU. The Directive on Security of Network and Information Systems (NIS directive), adopted in 2016, is the first piece of EU legislation aimed at strengthening the EU's cyber-resilience as it helps to build national capabilities, establishes technical and strategic cooperation at EU level and introduces security and notification requirements.