"Encrypting data on a mainframe is difficult, for example."

No, it's not. This assertion is factually incorrect and even dangerous. Of all the recent security breaches, apparently none of them have had anything whatsoever to do with mainframes. It's other systems that have been compromised.

Re: TJX breach may spur greater adoption of credit card security standards.

Mainframes have had data encryption capabilities since the 1970s. (IBM invented DES, remember.) Mainframes are unique: all of them ship with crypto hardware as a standard feature. They support SSL/TLS at the highest handshake rates in the industry and can encrypt every network transmission including MQ, application layer SSL/TLS, IPSec, and even SNA encryption (if you're not yet using TCP/IP for everything). They can encrypt data at rest on disk and tape using a wide variety of products (IBM Encryption Facility, DB2 V8 and V9, IBM Data Encryption for IMS and DB2 Databases, IBM TS1120 encrypting tape drives, etc.), include complete PKI features as a standard part of the operating system, use key-protected memory, and have pervasive strong authentication and authorization of every system activity. There's intrusion detection and prevention, denial of service hardening, firewall features....

If a mainframe shop hasn't implemented any of these features, available in many cases for literally decades, it's through simple human negligence. And people who say otherwise are just making excuses or are simply uninformed.

The world would be a lot safer if our financial transactions relied exclusively on IBM mainframes, and many businesses are rushing to do exactly that.