PILLAR Act
- Bill Number
- H.R. 5078
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Science, Technology, Communications
- Status
- Passed House
- Latest Action
- 2025-11-18: Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
- Last Updated
- 2026-02-04T05:06:18Z
Official Summary
Protecting Information by Local Leaders for Agency Resilience Act or the PILLAR Act
This bill extends the State and Local Cybersecurity Grant Program through FY2035, expands the scope of the program, and imposes certain limits on the use of grant funds. (The program provides grants to states and Indian tribes to address cybersecurity risks to government information systems.)
The bill expands the scope of systems that may be secured using grant funds to include operational technology systems and specifies that systems using artificial intelligence are included. Such systems must be maintained, owned, or operated by or on behalf of state, local, or tribal governments.
The bill also specifies that grant funds may not be used to purchase software, hardware, or related products or services that do not align with relevant guidance provided by the Cybersecurity and Infrastructure Security Agency (CISA).
Further, the bill increases the federal share of costs available to entities that implement or enable multifactor authentication and identity and access management tools for critical infrastructure by a specified date.
The bill requires annual reports by grant recipients to include a description of recipients’ progress in assuming the cost of continuing cybersecurity programs after grant funds are fully expended.
The Government Accountability Office must periodically review the program. This effort must include a review of artificial intelligence adoption across a sample of grants.
Finally, CISA must implement an outreach plan to inform local governments, including governments in rural areas or areas with small populations, about CISA’s no-cost cybersecurity offerings.
Sponsor
Cosponsors (4)
Rep. Garbarino, Andrew R. [R-NY-2], Rep. Swalwell, Eric [D-CA-14], Rep. Evans, Gabe [R-CO-8], Rep. Vindman, Eugene Simon [D-VA-7]
Recent Actions
- 2025-11-18: Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
- 2025-11-17: Motion to reconsider laid on the table Agreed to without objection.
- 2025-11-17: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H4685-4687)
- 2025-11-17: Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H4685-4687)
- 2025-11-17: DEBATE - The House proceeded with forty minutes of debate on H.R. 5078.
- 2025-11-17: Considered under suspension of the rules. (consideration: CR H4685-4688)
- 2025-11-17: Mr. Garbarino moved to suspend the rules and pass the bill, as amended.
- 2025-11-12: Placed on the Union Calendar, Calendar No. 328.
- 2025-11-12: Reported by the Committee on Homeland Security. H. Rept. 119-377.
- 2025-11-12: Reported by the Committee on Homeland Security. H. Rept. 119-377.
- 2025-09-03: Ordered to be Reported by the Yeas and Nays: 21 - 1.
- 2025-09-03: Committee Consideration and Mark-up Session Held
- 2025-09-03: Subcommittee on Cybersecurity and Infrastructure Protection Discharged
- 2025-09-02: Referred to the Subcommittee on Cybersecurity and Infrastructure Protection.
- 2025-09-02: Referred to the House Committee on Homeland Security.
Bill Versions
- Protecting Information by Local Leaders for Agency Resilience Act — issued 2025-11-17 — PDF (20 pages)
- Protecting Information by Local Leaders for Agency Resilience Act — issued 2025-09-02 — PDF (18 pages)
- Protecting Information by Local Leaders for Agency Resilience Act — issued 2025-11-18 — PDF (19 pages)
- Protecting Information by Local Leaders for Agency Resilience Act — issued 2025-11-12 — PDF (22 pages)