Skip to main content
HR 5078 119th Congress House Science, Technology, Communications Advanced technology and technological innovations Computer security and identity theft Computers and information technology Congressional oversight Government information and archives Government lending and loan guarantees Government studies and investigations Internet, web applications, social media State and local government operations

PILLAR Act

Introduced: September 2, 2025 Introduced by: Ogles, Andrew Republican · Tennessee See on congress.gov
Sign in to write a letter Sign in to watch
 Everywhere this bill has been 15 steps
Introduced
In committee
Reported out
Passed House
Passed Senate
To President
Became law
Nov 18, 2025
Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Nov 17, 2025
Motion to reconsider laid on the table Agreed to without objection.
Nov 17, 2025
On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H4685-4687)
Nov 17, 2025
Passed/agreed to in House: On motion to suspend the rules and pass the bill, as amended Agreed to by voice vote. (text: CR H4685-4687)
Nov 17, 2025
DEBATE - The House proceeded with forty minutes of debate on H.R. 5078.
Nov 17, 2025
Considered under suspension of the rules. (consideration: CR H4685-4688)
Nov 17, 2025
Mr. Garbarino moved to suspend the rules and pass the bill, as amended.
Nov 12, 2025
Placed on the Union Calendar, Calendar No. 328.
Nov 12, 2025
Reported by the Committee on Homeland Security. H. Rept. 119-377.
Sep 3, 2025
Ordered to be Reported by the Yeas and Nays: 21 - 1.
Sep 3, 2025
Committee Consideration and Mark-up Session Held
Sep 3, 2025
Subcommittee on Cybersecurity and Infrastructure Protection Discharged
Sep 2, 2025
Referred to the Subcommittee on Cybersecurity and Infrastructure Protection.
Sep 2, 2025
Referred to the House Committee on Homeland Security.
Sep 2, 2025
Introduced in House
 Plain-English summary Congressional Research Service

Protecting Information by Local Leaders for Agency Resilience Act or the PILLAR Act

This bill extends the State and Local Cybersecurity Grant Program through FY2035, expands the scope of the program, and imposes certain limits on the use of grant funds. (The program provides grants to states and Indian tribes to address cybersecurity risks to government information systems.)

The bill expands the scope of systems that may be secured using grant funds to include operational technology systems and specifies that systems using artificial intelligence are included. Such systems must be maintained, owned, or operated by or on behalf of state, local, or tribal governments.

The bill also specifies that grant funds may not be used to purchase software, hardware, or related products or services that do not align with relevant guidance provided by the Cybersecurity and Infrastructure Security Agency (CISA).

Further, the bill increases the federal share of costs available to entities that implement or enable multifactor authentication and identity and access management tools for critical infrastructure by a specified date.

The bill requires annual reports by grant recipients to include a description of recipients’ progress in assuming the cost of continuing cybersecurity programs after grant funds are fully expended.

The Government Accountability Office must periodically review the program. This effort must include a review of artificial intelligence adoption across a sample of grants.

Finally, CISA must implement an outreach plan to inform local governments, including governments in rural areas or areas with small populations, about CISA’s no-cost cybersecurity offerings.

What's happening now November 18, 2025

Received in the Senate and Read twice and referred to the Committee on Homeland Security and Governmental Affairs.

 Committees of jurisdiction 3
 Cosponsors 3
All 3 Democratic 1 Republican 2