Cybersecurity Threats to Energy Pipelines: How Endpoint Compromise Leads to Operational Disruption
Abstract
Energy pipeline infrastructure, as part of the national critical infrastructure, faces the threat of advanced cyber-attacks. Attackers target endpoint vulnerabilities because endpoints constitute the main entry points into the pipeline network. Phishing campaigns and social engineering tactics deceive personnel into executing malicious actions. Contractor devices and third-party connections introduce additional vulnerabilities that lie beyond the organization's security controls. Once initial access is gained through a compromised endpoint, attackers conduct reconnaissance to map the network architecture. Lateral movement then progresses systematically from enterprise information technology (IT) environments toward operational technology (OT) systems. Credential harvesting enables authenticated access to jump servers, engineering workstations, and historian databases. Remote access solutions provide pathways for boundary traversal without triggering perimeter alerts. Behavioral analytics and endpoint detection platforms offer visibility into attacker techniques beyond what signature-based detection provides. Application whitelisting constrains the deployment of unauthorized executables on critical systems. Privileged access management enforces least-privilege principles, limiting the utility of harvested credentials. Network segmentation through industrial demilitarized zones creates monitored chokepoints between the enterprise and control system domains. Zero-trust frameworks require continuous authentication verification, eliminating implicit trust assumptions. Incident response planning must address operational continuity while maintaining safe pipeline states. Security teams and operations teams must coordinate so that the implications for physical processes are considered before response actions are taken.
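The abstract describes IT-to-OT lateral movement (reconnaissance, credential harvesting, boundary traversal via remote access) and the monitored chokepoint that an industrial DMZ provides. The following added example, written for this page and not taken from the paper, shows the kind of behavioral detection logic that exploits that chokepoint: it runs three zone-aware rules over a handful of constructed authentication log lines. The zone subnets, the jump server address, the log format and the thresholds are all assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed zone layout (assumption, not from the paper): enterprise IT,
# the industrial DMZ hosting the jump server, and the OT control network.
ZONES = {
    "enterprise": ipaddress.ip_network("10.10.0.0/16"),
    "idmz": ipaddress.ip_network("10.20.0.0/24"),
    "ot": ipaddress.ip_network("10.30.0.0/16"),
}
JUMP_SERVER = "10.20.0.5"  # constructed IDMZ jump host; the only sanctioned path into OT


def zone_of(ip):
    """Map an address to its zone name, or 'unknown' if it is outside every zone."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def parse_event(line):
    """Parse the constructed format: '<ISO time> auth ok src=<ip> dst=<ip> user=<name> svc=<proto>'."""
    ts, _, _, *kv = line.split()
    fields = dict(item.split("=", 1) for item in kv)
    return {"ts": datetime.fromisoformat(ts), **fields}


def analyze(lines, fan_out_threshold=3, window=timedelta(minutes=10)):
    """Run three detections over successful-auth events and return a list of alerts."""
    events = sorted((parse_event(ln) for ln in lines), key=lambda e: e["ts"])
    alerts = []
    last_zone_by_user = {}         # user -> (zone of last destination, timestamp)
    ot_targets = defaultdict(set)  # source host -> distinct OT hosts it reached
    for e in events:
        src_zone, dst_zone = zone_of(e["src"]), zone_of(e["dst"])

        # Rule 1: enterprise host authenticates straight into OT, bypassing the IDMZ chokepoint.
        if src_zone == "enterprise" and dst_zone == "ot":
            alerts.append({"rule": "boundary_bypass", "src": e["src"],
                           "dst": e["dst"], "user": e["user"]})

        # Rule 2: one credential used in enterprise and then in OT (or vice versa) within
        # the window. A legitimate path goes enterprise -> idmz -> ot, so its last zone is
        # idmz when it reaches OT and this rule stays quiet.
        prev = last_zone_by_user.get(e["user"])
        if (prev and prev[0] != dst_zone
                and {prev[0], dst_zone} == {"enterprise", "ot"}
                and e["ts"] - prev[1] <= window):
            alerts.append({"rule": "cross_zone_credential", "user": e["user"],
                           "zones": (prev[0], dst_zone)})
        last_zone_by_user[e["user"]] = (dst_zone, e["ts"])

        # Rule 3: a single source fanning out to many OT hosts, a reconnaissance/mapping signal.
        if dst_zone == "ot":
            ot_targets[e["src"]].add(e["dst"])
            if len(ot_targets[e["src"]]) == fan_out_threshold:
                alerts.append({"rule": "ot_fan_out", "src": e["src"],
                               "hosts": fan_out_threshold})
    return alerts


# Constructed sample log: a sanctioned engineer session through the jump server,
# followed by a workstation reaching OT directly with a separately harvested credential.
SAMPLE_LOG = [
    "2024-05-01T09:00:00 auth ok src=10.10.4.21 dst=10.10.8.5 user=jsmith svc=smb",
    "2024-05-01T09:02:00 auth ok src=10.10.4.21 dst=10.20.0.5 user=ops_eng svc=rdp",
    "2024-05-01T09:03:00 auth ok src=10.20.0.5 dst=10.30.1.10 user=ops_eng svc=rdp",
    "2024-05-01T09:10:00 auth ok src=10.10.4.21 dst=10.30.1.10 user=jsmith svc=rdp",
    "2024-05-01T09:11:00 auth ok src=10.10.4.21 dst=10.30.1.11 user=jsmith svc=rdp",
    "2024-05-01T09:12:00 auth ok src=10.10.4.21 dst=10.30.1.12 user=jsmith svc=rdp",
]

if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```

The session that follows the sanctioned enterprise -> IDMZ -> OT path raises nothing, while the direct workstation-to-OT logons trigger the boundary-bypass rule on each hop, the credential-reuse rule once, and the fan-out rule when the third distinct OT host is reached. In practice the zone table would be generated from the segmentation design rather than hand-written, and the window and threshold tuned against the site's normal engineering traffic so that scheduled maintenance does not page the on-call team.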