The House voted to pass two key cybersecurity-related pieces of legislation on Monday that would renew cybersecurity grants for state and local government until 2033 and stand up an interagency task force to address threats posed by China.
The PILLAR Act and Strengthening Cyber Resilience Against State-Sponsored Threats Act passed through the House by voice vote after lawmakers increasingly warned about an escalating cyber threat landscape.
Congress’s State and Local Cybersecurity Grant Program (SLCGP) expired on Sept. 30. The program, established under the Infrastructure Investment and Jobs Act of 2021, made $1 billion in funding available over four years for state and local cybersecurity efforts.
While it received a short-term extension under the stopgap funding agreement that reopened the government after a historic shutdown, a renewal of the program has long been up for consideration in Congress.
The PILLAR Act, introduced by Rep. Andy Ogles, R-Tenn., reauthorizes that program while making some changes.
Specifically, the act locks in current federal cost-share levels, boosts funding incentives for critical-infrastructure groups that adopt multi–factor authentication, expands coverage to operational technology and artificial intelligence use, directs more small community outreach, and pushes participants to plan for long-term cybersecurity costs in their state budgets.
“This legislation puts America First by giving our states, counties, and small towns the tools they need to combat foreign cyber adversaries,” Ogles said in a statement. “President Trump has called for unmatched dominance in every arena of modern warfare to ensure we can defeat the enemies of the United States. With this bill, we deliver.”
SLCGP has been mostly well-received, though some say the program’s length is too short and its requirements make it less accessible to understaffed and smaller communities.
House Homeland Security Committee Chair Andrew Garbarino, R-N.Y., said that the program has been largely successful by providing communities with access to cybersecurity tools.
“We have seen success through efforts such as deploying student-led regional security operations centers in partnership with community colleges to train local cyber talent and providing shared services across the state for end point detection and response capabilities, multi-factor authentication, and cybersecurity trainings, just to name a few,” Garbarino said.
Meanwhile the Strengthening Cyber Resilience Against State-Sponsored Threats Act, also introduced by Ogles, would create an interagency task force led by the Cybersecurity and Infrastructure Security Agency and the FBI to address cyber threats posed by China.
That task force would be required to provide Congress with an annual classified report for five years on its findings and recommendations related to Chinese state-affiliated malicious cyber activity.
“Now that my bill has passed, we are one step closer to locking out the foreign communists trying to steal American data,” Ogles said.
Rep. John Moolenaar, R-Mich., who leads the Select Committee on China, added that the act “ensures our federal agencies have the resources they need to build a unified and effective response to Chinese-backed cyber-attacks,” and “will strengthen our national cybersecurity and give us the ability to more quickly counter threats like Volt Typhoon.”
Both pieces of legislation are now Senate-bound to receive their final vote of approval.