The House of Representatives has passed the Protecting Information by Local Leaders for Agency Resilience Act (PILLAR Act), a bipartisan bill aimed at strengthening cybersecurity defenses for state, local, tribal, and territorial governments. The legislation was introduced by Rep. Andy Ogles (R-TN) and cosponsored by House Committee on Homeland Security Chairman Andrew R. Garbarino (R-NY) and Rep. Gabe Evans (R-CO).
The PILLAR Act reauthorizes and reforms the State and Local Cybersecurity Grant Program, which is set to expire in January 2026 unless renewed. The program provides funding to help government entities defend against cyber threats, including those targeting critical infrastructure such as power grids, water systems, hospitals, schools, and public safety networks. The updated bill also expands the program’s scope to address emerging technologies like artificial intelligence and operational technology.
Industry leaders and organizations have expressed strong support for the legislation. Michael R. Centrella of Security Scorecard said: “The PILLAR Act is a critical piece of legislation that advances the resilience of our national digital infrastructure at a moment when cyber threats are accelerating in both sophistication and scale. As adversaries increasingly target supply chains, managed service providers, and state and local governments, the need for coordinated visibility, actionable threat sharing, and measurable resilience outcomes has never been more urgent.”
The National Conference of State Legislatures noted: “Cyberattacks on critical infrastructure are escalating, putting states at risk. The State and Local Cybersecurity Grant Program is a key tool for building cyber defenses and will expire in January 2026 without reauthorization. The ‘Protecting Information by Local Leaders for Agency Resilience Act (PILLAR)’ Act will extend this important grant program and help ensure states can protect their citizens, safeguard essential services and strengthen resilience against growing threats. NCSL urges swift passage of the PILLAR Act.”
Ryan Gillis from Zscaler commented: “Zscaler commends the House Homeland Security Committee’s bipartisan efforts to reauthorize the State and Local Cybersecurity Grant Program, an essential first step toward securing the federal portion of the investment needed to defend the systems that power our communities and support our military readiness. State and local governments are on the frontlines of asymmetric cyber warfare, and they cannot meet this challenge alone.”
Palo Alto Networks stated: “Palo Alto Networks commends Representative Ogles and Chairman Garbarino for their leadership in championing the PILLAR Act and urges the House of Representatives to pass this critical legislation. By reauthorizing the State and Local Cybersecurity Grant Program (SLCGP), this bill would provide state and local governments with the long-term certainty needed to harden their defenses. By broadening the program’s scope to include Operational Technology and AI systems, this legislation also aligns federal support with the speed of today’s cyber threat landscape. As nation-state actors and criminal groups increase the sophistication and scale of their attacks, the PILLAR Act ensures state and local government partners on the frontline are equipped to secure our nation’s critical infrastructure.”
Other supporters include business associations such as Business Software Alliance; technology companies like WIZ; industry groups including Interstate Natural Gas Association of America; cybersecurity firms such as Fortinet; county representatives from National Association of Counties; consulting firms like Merlin Group; utility security experts from Dragos; legal officers from Vanta; SentinelOne executives; academic institutions like McCrary Institute; public works advocates from American Public Works Association; cloud security company Armis; policy organizations such as OpenPolicy; digital innovation alliances like Alliance for Digital Innovation; information technology councils including ITI; Tenable executives focused on global government affairs; ransomware research centers like Halcyon.
These organizations emphasized that renewing federal support through grants helps address resource constraints faced by smaller jurisdictions while enabling adoption of advanced cybersecurity measures—such as multi-factor authentication or AI-driven threat detection—to counter evolving risks.
If enacted into law following Senate approval, proponents say that continued investment under an extended grant program will help protect vital community services across all levels of government amid increasing frequency—and complexity—of cyberattacks.
