This talk will cover scenarios from real incidents and how simple solutions that are very cost effective can be used to prevent them from occurring. * A scenario based on real incidents will be presented. * The typical state of security in enterprise will be presented. * Specific gaps that allowed the incident to occur and for data to be exfiltrated will be scrutinized. For each observation, a review of how enterprises are protecting themselves, successfully or not, as well as what can be done to potentially prevent the incident from occurring in the first place will be performed. The presentation will conclude with a discussion on the importance of incident response lessons learned being leveraged to further guide decisions related to security program development.