United States of America: Protecting Information by Local Leaders for Agency Resilience Bill (PILLAR Bill/HB 5078) was introduced in House of Representatives

On 2 September 2025, the Protecting Information by Local Leaders for Agency Resilience Act (PILLAR Bill/HB 5078) was introduced in the House of Representatives to amend the Homeland Security Act of 2002 in order to reauthorise the State and Local Cybersecurity Grant Program of the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security. The Bill expands definitions to include artificial intelligence (AI) and AI systems, incorporates the concept of a foreign entity of concern as defined under the CHIPS and Science Act, and establishes requirements for multi-factor authentication. It extends programme authorisation through fiscal year 2035, increases the federal cost share of grants contingent on adoption of multi-factor authentication and identity and access management tools, and introduces outreach obligations to rural and small local governments. The Bill further mandates alignment with secure-by-design guidance, prohibits procurement of software or hardware from foreign entities of concern not aligned with CISA guidance, and requires periodic Government Accountability Office (GAO) reviews to include assessments of artificial intelligence adoption within funded projects.