DCMS' paper constituted the government's response to industry feedback to a consultation it ran last year on proposed implementation of the Directive. In it, the department confirmed the criteria which will define whether organisations across the sectors covered by the rules will be considered 'operators of essential services' and subject to the requirements of the new laws. The criteria for determining which organisations qualify as 'digital service providers' is set out in the NIS Directive itself.
Re: UK finalises plans to implement new cybersecurity laws
keeping in mind that the focus of the new directive is mainly the industrial control side for UK companies that fall under the scope of the critical network infrastructure of the UK i.e. what's the impact to the UK if some/all energy sectors are hit by a major cyberattack to the energy flow to UK citizens.