it depends on what You mean by "information security". If it is a firewall to configure or implement a prepared SQL statements, the math here is not necessary, and the necessary documentation for the firewall/library.
And if you take in a broad sense, then:
- Cryptography is non-trivial and mathematics: number theory, combinatorics, elliptic curves, information theory.
- Cryptanalysis is mathematics: probability theory, stochastic processes, game theory.
- Steganography - the same mathematics: coding theory, etc.
- Quantum cryptography without quantum physics and tensor analysis to go there is nothing.
- Analysis/prediction of threats - is also math: all sorts of neural networks, mathematical model, the same stochastic processes, and, God forgive me, God knows what else.
And Yes, underlying all of this is so all the unloved Matan
. No sane Matane access to all these wonderful areas of mathematics is extremely limited and inconclusive.