An enterprise defender does not have an easy role; however there are many free or cost-effective changes which can be implemented to significantly reduce or mitigate risk to the network. Many are simply configuration changes in the security stack you already have. If one alters their thinking from how to prevent one specific technique to how to prevent each step of the kill chain, they can have a much greater impact. This talk will take a practical approach at observing the the kill chain of an average phishing attack and security controls you can implement at each step of the way to better prevent or detect the attack.