HB 3026 seeks to restore workforce stability at the Cybersecurity and Infrastructure Security Agency by reinstating employees involuntarily removed between January 25 and March 1, 2025 with backpay, at the employee’s election. It also places strong limits on removals and transfers from CISA and prohibits any DOGE (Department of Government Efficiency) personnel from working at the agency.
The bill is framed as safeguarding the agency’s operational continuity while shielding its budget and staffing from ad hoc reallocations. The short title is Protecting America’s Cybersecurity Act, signaling a focus on immediate organizational resilience within the federal cybersecurity mission.
At a Glance
What It Does
Section 2 reinstates eligible CISA employees removed in a narrowly defined window and requires backpay under existing pay rules. It bars involuntary removals or transfers unless Congress enacts new law post-enactment, and it excludes certain categories (e.g., misconduct, unacceptable performance, political appointees) from coverage. Section 3 forbids federal funding for DOGE personnel to work at CISA.
Who It Affects
Directly affects the CISA workforce and any individuals removed in early 2025, as well as budget officers and agency managers responsible for staffing and funding. It also implicates DOGE personnel and any federal teams that might interact with CISA for staffing or policy purposes.
Why It Matters
The measure aims to preserve institutional memory and operational capability at CISA by preventing abrupt staffing changes and by constraining the flow of personnel from DOGE into CISA, potentially reducing political volatility in cybersecurity operations.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill would reverse a specific set of staffing decisions at CISA by reinstating employees who were involuntarily removed within a defined period and paying them back wages. It imposes a broad safeguard: no further involuntary removals or transfers from CISA can occur without a new statute passed by Congress after the bill’s enactment, and it bars appropriations from being impounded or redirected for such actions unless Congress authorizes it.
The bill also defines who counts as a political position to determine exceptions to the reinstatement provisions. Separately, it blocksDOGE—an agency described as the Department of Government Efficiency—from placing its employees at CISA, with the explicit prohibition on funding those positions at the agency.
The overall aim is to stabilize CISA’s workforce and prevent ad hoc personnel shifts that could affect national cybersecurity operations.
The Five Things You Need to Know
The bill reinstates involuntarily removed CISA employees from Jan 25 to Mar 1, 2025 with backpay.
No further involuntary removal or transfer of CISA staff is allowed unless Congress enacts new law after enactment.
Exceptions apply for misconduct, delinquency, or unacceptable prior performance, and political appointees are not covered.
‘Political position’ is defined to include Executive Schedule roles, non-career Senior Executive Service positions, and Schedule C roles.
DOGE employees may not be funded to work at CISA or detailed to the agency.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title and citation
This act may be cited as the Protecting America’s Cybersecurity Act. The short title establishes the immediate policy focus of restoring staffing stability at CISA and restricting outside personnel influence.
Reinstatement and limitations on removal or transfer
Section 2 authorizes reinstatement for individuals involuntarily removed from CISA between January 25 and March 1, 2025, with backpay consistent with 5 U.S.C. 5596, at the employee’s election. It also restricts involuntary removals and transfers of CISA staff going forward, and prohibits reprogramming or impounding appropriations for such actions unless a specific law is enacted afterwards. The section includes exceptions for misconduct, delinquency, or unacceptable prior performance, and preserves the status of political positions from these protections. It defines political positions to include Executive Schedule roles, non-career SES positions, and Schedule C roles.
Restriction on DOGE employees at CISA
Section 3 prohibits the obligation or expenditure of federal funds for the salary or expenses of any DOGE employee, or any DOGE employee transferred or detailed to work at CISA. This creates a blunt separation between DOGE personnel and the agency, ensuring that CISA staffing does not rely on DOGE personnel as part of its cyber defense operations.
This bill is one of many.
Codify tracks hundreds of bills on Technology across all five countries.
Explore Technology in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Former CISA employees who were involuntarily removed and will be reinstated with backpay, restoring career continuity and pay lost during the removal window.
- CISA as an institution benefits from staffing stability and predictable workforce planning, reducing disruption to ongoing cybersecurity programs and incident response.
- Congress and federal budget policymakers who prefer legislative guardrails against ad hoc staffing shifts and funding reallocations within critical agencies.
Who Bears the Cost
- Federal taxpayers, who fund backpay and reinstatement costs for rehired employees.
- Agency budget managers who must administer reinstatements and potential backpay within appropriations constraints.
- Any costs associated with maintaining staffing levels and administrative overhead to ensure compliance with the new limitations on removals and transfers.
Key Issues
The Core Tension
The central dilemma is balancing the need for immediate staffing stability at a critical cybersecurity agency with the civil service principles that govern job security, performance accountability, and interagency staffing dynamics, all while requiring additional Congressional action before any future removals or transfers can occur and restricting the role of DOGE in CISA staffing.
The bill raises important questions about civil service protections, the scope of executive staffing controls, and the practical implications of mandating reinstatement within a narrow removal window. While it seeks to stabilize CISA by freezing removals and barring certain external staffing, it also creates tension with existing personnel rules that govern performance, misconduct, and political appointments.
The reliance on future Congressional action to enable removals or transfers means outcomes hinge on legislative timing and appropriations processes, potentially delaying a permanent resolution to staffing flexibility. The DOGE prohibition further concentrates staffing power within the civilian federal framework and could affect interagency collaborations and resource allocation.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.