Designing for Breach: Combining Ring-Fencing and Zero Trust
Track 101 – 1:45pm
Name: Kazeem Mutiu Adamson
Socials:
https://www.linkedin.com/in/kazeem-mutiu/
https://bsky.app/profile/qhazeeem.bsky.social
https://x.com/qhazeeem
Bio
TBC
Pronouns
He/Him
Talk Abstract
This talk explores how organisations can design for breach by combining two powerful but often misunderstood approaches: network ring-fencing and Zero Trust.
Rather than diving into vendor tools or deep protocol mechanics, this session focuses on principles and practical design decisions. We will break down what ring-fencing really means in modern environments, how segmentation reduces blast radius, and why flat internal networks remain one of the biggest hidden risks in many organisations.
We will then examine Zero Trust beyond the marketing language. What does “never trust, always verify” actually look like in day-to-day operations? How do identity, device posture, and access control complement network segmentation rather than replace it?
Through a realistic breach scenario, we will compare two environments:
• A traditional flat network with perimeter security
• A segmented, identity-aware environment built with containment in mind
Participants will see how lateral movement occurs, how attackers escalate impact, and how relatively achievable design choices can drastically limit organisational damage.
Attendees will leave with:
• A clear understanding of the difference between prevention and containment
• A practical explanation of ring-fencing and its role in limiting blast radius
• A grounded view of Zero Trust that avoids hype and focuses on implementation principles
• A simple framework for assessing their own environment’s internal trust assumptions
• Actionable steps to begin improving segmentation and access controls without major investment
This session is designed to shift mindset. Instead of asking “How do we stop every breach?” we ask, “When a breach happens, how small can we make it?”
Intended Audience
This talk is suitable for:
• Blue team members
• Security engineers
• IT infrastructure and network professionals
• Security leaders and managers
• Anyone responsible for enterprise architecture or risk
No deep technical knowledge is required. A basic understanding of networking concepts such as firewalls, internal networks, and user authentication will be helpful, but the session avoids protocol-level or vendor-specific detail.
How NSFW is this talk?
(How spicy is your talk in chillies?)
2 out of 5 chillies – The session discusses breach scenarios and attacker behaviour but contains no live exploitation, offensive demonstrations, or graphic or NSFW material. It is suitable for a general conference audience, including younger attendees.
