The document discusses moving from a focus on security to immunity in IT systems. It defines security as confidentiality, integrity and availability (CIA) and outlines how immunity can be achieved by integrating security considerations into each phase of the engineering process, from requirements gathering to deployment. This embedded, integrated approach to security ownership can provide immunity rather than just addressing security as an isolated afterthought.