IT or Computer Security refers to the technical security controls used to protect the functionality of IT systems or the information they contain. As would be expected these controls are biased towards availability and integrity of systems and access controls.
“Modern IT security… At the basic end of the spectrum, this means keeping all software patched, minimising exposure to attack via untrusted networks and auditing for unusual behaviour. At the more complex end, it is about broad and comprehensive monitoring to quickly detect and respond to intrusions. At both ends, it’s about ensuring you know when an attacker has got into your network, minimising the (temporary) access they enjoy, ensuring you know what they’ve done, knowing you can kick them out quickly, and being sure they can’t get back in the same way.” Dr Ian Levy, Head of CESG, quoted in the Guardian Government Computing, 25 October 2011.