What you need to know is very much based on what you want to accomplish with getting into IT Security.

Someone mentioned knowlage about TCP/IP which I agree with, I would also say getting into both Windows and Linux (and other *nix flavours). Doesn't need to be exessive, but there are many differences not only about how the two systems work, but also the mentality of the different systems.

For example back with Windows NT 4 Server the mentality was that users where allowed to do most things unless the admin had said otherwise, and at the same time Linux distos had the opposite mentality, users where not allowed to do things unless the admin had allowed it. Now this has changed a bit in the recent years, but still worth thinking about.

For bleeding edge IT Security or for a pentester, one must keep up with the current exploits and resolve the issues around them. While for the average sysadmin, keeping services to a minimum and using firewalls is enough.

(For example at my work there are still departments that use the FTP protocoll, allthough they need to be granted an
exeception to do so, with the mentality that it is still a secure means of file transport since the files are encrypted and only the senders IP is added in the firewall. So even if an unauthorized user would get there hands on a user/pass they could still not connect to the FTP)

Programming knowlage is not a must, but it can be an advantage since most exploits publicly published are so called proof of concept, in other words they dont really do anything exept show that it works. In that scenario it could be good to understand what causes the problem to be able to find a solution. (Making your own patch for example)

But when it gets to the bottom line. Read.. Read.. and Read some more. There are many things out there that are security related.

And as a last tip, I would say, build up a personal network of computers (virtual?) and try to hack them, it will hopefully put you into the mentality of how a hacker would think. And when you know how the bad guys think, its easier to see how to stop them.