Cybersecurity Agency Gets Stability Boost: Bill Reinstates Staff, Protects Funds, and Curiously Curbs 'DOGE' Service Workers

The "Protecting America’s Cybersecurity Act" is looking to give the Cybersecurity and Infrastructure Security Agency (CISA) – think of them as the nation's digital neighborhood watch – a shot in the arm. It plans to do this by bringing back some recently dismissed employees, making it tougher to remove current staff, and putting tighter controls on the agency's purse strings. Specifically, CISA employees (not in top political spots) who were involuntarily let go between January 25, 2025, and March 1, 2025, could, under this bill, get their old jobs back, complete with back pay.

Second Chances and Stronger Shields

So, what's the deal with getting a job back? Section 2 of the bill lays it out: if CISA employees were involuntarily removed during that roughly five-week window in early 2025, they have the option to be reinstated. This isn't just a token gesture, but comes with back pay as outlined in 5 U.S.C. 5596, the federal rule ensuring employees are financially compensated after an unjustified personnel action. Imagine being laid off, then a few months later, getting a call to return with all your missed paychecks. However, this opportunity doesn't extend to everyone. If the dismissal was for misconduct, poor performance, or if the role was a "political position" – such as high-level appointees listed under sections like 5 U.S.C. 5312-5316 (Cabinet-level type roles), non-career Senior Executive Service spots (defined under 5 U.S.C. 3132), or those in confidential, policy-making Schedule C roles (as per 5 CFR Part 213, Subpart C, Schedule C) – then this reinstatement offer is off the table.

Beyond reinstatements, Section 2 also aims to build a more stable workforce at CISA moving forward. It puts limits on the involuntary removal or transfer of CISA employees. For the folks working at CISA, this could mean less uncertainty and more focus on the actual job of protecting our digital infrastructure. The same "political position" exclusions apply here too.

Keeping CISA's Cash Where It Counts

It's not just about people; it's about the money too. The bill throws a protective arm around CISA's budget. Under Section 2, CISA's funds can't be impounded (held back), transferred, or reprogrammed (moved to a different account) without a new law from Congress. The only exception is if CISA's existing funding agreements – their appropriations acts – already allow for certain transfers. For the average taxpayer, this means the money allocated to CISA for cybersecurity is more likely to stay with CISA for that purpose, rather than being diverted to other projects without public discussion and a vote by lawmakers. This could give CISA more predictability in its long-term planning for things like upgrading security systems or hiring experts.

The DOGE in the Room: A Peculiar Prohibition

Now for a provision in Section 3 that might raise an eyebrow. The bill explicitly prohibits using any federal funds to pay the salaries or expenses of employees from the "Department of the United States DOGE Service" or any "DOGE agency team" who might be working at CISA. The bill specifies the 'Department of the United States DOGE Service' – a name that stands out. While the legislation doesn't offer background on this DOGE Service, it draws a clear line: no personnel from this entity are to be funded for work at CISA. This is a highly specific directive. Without more context, it's hard to pinpoint the exact rationale for singling out this particular department. It could be intended to prevent a certain type of inter-agency dynamic or perhaps addresses a very niche administrative scenario. Whatever the underlying reason, this means that personnel from the DOGE Service would not be able to have their salaries covered for work performed at CISA under this provision. This could potentially impact inter-agency cooperation if, for instance, DOGE Service staff possess specialized skills that CISA might otherwise utilize.