Archiving directory tree preserving permissions in Windows

1

I have to archive (= move to an "archive" subfolder and set the read-only flag) a set of remote directories, preserving the ACLs, on a remote Windows server. The directories have different access rights, some inherited from the parent folder, some not. It is fundamental that the moved directories preserve their access permissions (for instance, some directories might be accessible only by the managers and have to remain so).

I have played a bit with the "Read only" flag in the directories' properties and it seems to partially meet my requirements -- after I set it, I am still able to create a new file in the RO directory, and I would like to prevent it.

The biggest problem is, however, in moving the directories without destroying the ACLs.

Can anyone help me with the above-mentioned issues, please?

Thanks a lot in advance!

R.

RH6

Posted 2017-01-03T09:06:42.887

Reputation: 35

Answers

1

I'd suggest first backing up the current ACLs using icacls /save, so that in case of problems you'll be able to just icacls /restore and restart from the beginning.


Permissions are inherited (or re(-re(-re…))inherited) only from the immediate parent directory, not from all parents together. So it should be enough to disable inheritance for the topmost directory itself (making the permissions static), e.g. using

icacls my_2008_project /inheritance:d

This will convert the currently inherited ACEs into static ones, so the resulting ACL won't change no matter where the directory is moved – and therefore ACLs inherited by its files and subdirectories won't change either.

(Actually, merely moving items wouldn't automatically adjust inherited permissions anyway, but the above step makes sure that won't happen by accident either.)


To prevent writing, you'll have to use ACLs as well. (The "read-only" attribute only works with files – it's completely ignored for directories.) Easiest would be to add a 'deny' ACE:

icacls my_2008_project /t /deny Everyone:W

This will add the ACE individually to each item (since you mentioned that some of them have inheritable permissions disabled).

A regular inheritable version would be:

icacls my_2008_project /deny Everyone:(OI)(CI)W

user1686

Posted 2017-01-03T09:06:42.887

Reputation: 283 655
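
The steps from the answer above combined into one PowerShell script, as an added example that is not part of the original answer. The parameter names, the Invoke-Icacls helper and the .acl.bak file name are assumptions, and the script assumes the source and the archive folder are on the same volume.

```powershell
# Added example: archive one directory using the steps from the answer above.
# $Source / $ArchiveRoot values and the .acl.bak file name are placeholders.
param(
    [Parameter(Mandatory)] [string] $Source,      # e.g. D:\Projects\my_2008_project
    [Parameter(Mandatory)] [string] $ArchiveRoot  # e.g. D:\Projects\archive
)
$ErrorActionPreference = 'Stop'

function Invoke-Icacls {
    # Native commands do not throw on failure, so check the exit code explicitly.
    & icacls.exe @args
    if ($LASTEXITCODE -ne 0) { throw "icacls $args failed with exit code $LASTEXITCODE" }
}

$src     = (Resolve-Path -LiteralPath $Source).ProviderPath
$archive = (Resolve-Path -LiteralPath $ArchiveRoot).ProviderPath
$leaf    = Split-Path -Path $src -Leaf
$dest    = Join-Path $archive $leaf
$backup  = Join-Path $archive "$leaf.acl.bak"

# A move within one volume keeps each item's security descriptor; a move across
# volumes is a copy + delete, and the copies take their ACLs from the destination.
if ([IO.Path]::GetPathRoot($src) -ne [IO.Path]::GetPathRoot($archive)) {
    throw "Source and archive are on different volumes; ACLs would not be preserved."
}
if (Test-Path -LiteralPath $dest) { throw "$dest already exists." }

# 1. Back up the ACLs of the whole tree, kept outside the tree itself.
Invoke-Icacls $src /save $backup /t

# 2. Convert the top directory's inherited ACEs into explicit ones.
Invoke-Icacls $src /inheritance:d
$before = Get-Acl -LiteralPath $src
if (-not $before.AreAccessRulesProtected) { throw "Inheritance is still enabled on $src" }

# 3. Move, then confirm the security descriptor is unchanged.
Move-Item -LiteralPath $src -Destination $dest
if ((Get-Acl -LiteralPath $dest).Sddl -ne $before.Sddl) {
    throw "ACL on $dest differs from the original; restore from $backup"
}

# 4. Deny writes on every item. In PowerShell the inheritable form must be
#    quoted: 'Everyone:(OI)(CI)W'.
Invoke-Icacls $dest /t /deny Everyone:W
Invoke-Icacls $dest   # print the resulting ACL for review
```

Run it once per directory from an elevated session; the SDDL comparison in step 3 only checks the top-level directory, so spot-check a restricted subfolder with icacls afterwards.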