I took courses on Cryptography, Networking (with a unit on DoS/DDoS mitigation), Operating Systems (with a TON of systems programming that got me intimately familiar with buffer overflows and memory models), and a Software Engineering course that included some discussion of injection attacks.
As term or course projects I implemented or was part of team that implemented: a virus scanner, an intrusion detection system (back before they were common -- we called in 'dynamic iptables' or something like that), portions of an operating system with a bunch of security and permissions relevant stuff, a password cracker, and a bunch of crypto algorithms.
Aside from all of this, a basic understanding of how to program and build software systems is already important background.
But no CS is totally unrelated to infosec and I'm a sexist dick for saying that people in leadership should know about the work they are managing. /s
