El Capitan ships with a new OS X feature: System Integrity Protection (SIP), also known as “rootless” mode. This reduces the attack surface for malware that relies on modifying system files by preventing any user, whether with system administrator (“root”) privileges or not from modifying a number of operating system directories and files.
It doesn’t eliminate the possibility of malware or folks finding a way to subvert this mode, but it does increase the difficulty of finding a hole to penetrate. All such changes discourage those who hack for profit or destruction, because the more time it takes and the less likely successful, the more often they turn to other operating systems and targets.
Read more here:: How to modify System Integrity Protection in El Capitan