This document discusses critical infrastructure security in the energy sector and outlines challenges, threats, and recommendations. It defines critical infrastructure as any facility whose damage or destruction would significantly impact customers, grid reliability, national security, the economy or public health and safety. The document recommends that companies individually define and identify their critical facilities, assess security guidelines, and implement workshops to support industry. It notes recent cyberattacks like Stuxnet and outlines potential weak points and attack strategies at the facility and management levels, including available information on past terrorist attacks on international critical infrastructure related to electricity, oil/gas, water, and transportation.