Industrial control networks have slowly become more connected over the years, mostly because it has made day-to-day operations easier. Remote diagnostics, centralized monitoring, and data sharing were added for practical reasons, not because anyone planned a major architectural change. But those small steps have created openings that did not exist before, and many systems still operate as if they were isolated. The problem is no longer just the equipment or the protocols—it is the assumption that everything inside the network can be trusted by default. Zero Trust is useful here, but it has to be introduced in a way that does not interfere with how plants run or how safety is maintained. This paper lays out a gradual approach that starts with understanding what is already happening in the system, then shaping communication boundaries, and only later tightening access based on identity and context, so that security improves without disrupting operations.