Agreed in many cases.
Some things - like VPN and Citrix are relatively secure. Unfortunately many executives also use things like gmail, facebook, SMS, chat, xyz-gaming-app and so on during their travel. I've seen plenty of senior people send confidential information outside of accepted/expected channels. They don't want to remember passwords, much less change them. There's a lot of 'I'm too busy and it won't happen to me anyhow' mentality with data security.
'Sorry, we don't allow abc gizmo you have to use the standard whatever for your presentation'
'You need a 12 character password changed every 30 days for administrative access the core production servers'
'Well I'm just checking on data for meetings from my iPhone, I can't type all that in. Set it the same as my windows password that never changes'
'This computer connects to a real-time stock market trading network, it has a password and 15 minute screen saver timeout'
'I can't waste time entering passwords, that's way too much work and complexity. I just need to do my trades!'