Photo By Michael Strasser | Joanne Thornton, U.S. Army Northeast Regional Network Enterprise Center-Fort Drum...... read more read more
FORT DRUM, N.Y. (Jan. 13, 2025) -- Colleagues, family and friends gathered outside Hays Hall on Jan. 10 to recognize one of Fort Drum’s pioneer cyber professionals upon her retirement.
Joanne Thornton, U.S. Army Northeast Regional Network Enterprise Center-Fort Drum director, was presented with an American flag during a retreat ceremony to recognize her 26 years of service to the Army.
Thornton reflected on her career, which included being the first woman to serve as a director at Fort Drum, and a profession that saw many transformations in how the Army communicates and combats adversaries in cyberspace.
A native of Theresa, Thornton began working at Fort Drum in 1998 as the installation security specialist. Being the single point of contact for all network and automation security-related issues, Thornton said she initially felt overwhelmed.
“This was the first job in information assurance across the Army,” she said. “It wasn’t called ‘cyber’ back then, but the Army realized they needed to get their arms around this and get some people on board. Information security was not well-received at first. People didn’t want to hear about it, and they thought it was an inconvenience.”
Thornton said people simply wanted their computers to function without restrictions, and everything else was inconsequential. But the work, she discovered, was relevant and cutting-edge.
“It was all so new,” Thornton said. “And my supervisor sent me to so much training and then arranged it with the DOIM (Directorate of Information Management) director for me to be in Bldg. 10690, where all communications operations reside.”
There, she could oversee the installation intrusion detection for NIPRNet (Non-classified Internet Protocol Router Network) and SIPRNet (Secret Internet Protocol Router Network).
Fred Burleson, the network lead, taught Thornton how to read packets at the hexadecimal level to analyze traffic as it transversed the network.
“I absolutely loved pouring over packets for hours and really became good at it,” she said. “At one point I saw all this odd traffic coming into the network, and it was from the White House server and the FBI. I wasn’t sure what it was, but I sure knew something was wrong.”
She reported it to the Army Response Computer Team and contacted the White House webmaster, and later she discovered that she found a denial attack on those federal websites.
ALARACTs (All Army Activities), a force-wide message, would relay critical information that required immediate action, but sometimes no solution existed.
“I remember the first time I looked at one, and thought I was over my head,” she said. “There would be a vulnerability on this system, and we needed to do something about it. It would tell what the fix would be, and we had no tools to do that across the wire. So that was a challenge back then.”
The Internet was still fairly new at the time, mostly text based, with long download times. Before there was social media, email and chatrooms were the most popular communication tools.
“Everything was big back then,” she said. “The monitors, the servers – and the operations floor was just crowded with huge servers. When I started it was a lot of clunky equipment and no wireless devices.”
On an installation level, DOIM controlled it all, and if it broke, they had to fix it all.
“I could assist a customer with anything right on the spot,” Thornton said. “I remember the email servers going down several times. We were on our own to get them up and running. Paul Dailey, our server support division chief, had no sleep for three nights.”
Information technology, in her words, was not for the weak of heart, and at times it could feel like the Wild West. Users could literally load whatever they wanted on their computers, which could be plugged into the network without any coordination.
“If you wanted to load any software that was on the web, you could load it,” Thornton said. “You had complete privileges, and people were doing that. Someone’s got a good idea to be more effective and efficient, and they put it on the network so they can count widgets better. But it’s not vetted, and none of its secure.”
And the IT policies and procedures that existed were not always enforced.
“The thought was, ‘What do you mean my Soldiers can’t do that?’ or ‘What do you mean my employees can’t load this on their computer?’” Thornton said. “Then the network was just riddled with all kinds of Trojans, worms, and viruses.”
DOIM professionals like Thornton managed the stresses of protecting the network against unauthorized intrusions and provided technical analysis in identifying and resolving security incidents.
Thornton recalled a time when another installation’s backbone – or central infrastructure of the computer network – was hacked, and required a rebuild on every computer from scratch to remove the adversaries.
“There was me and Tom Abrial in security at the time, and we had to stand up a technical capability so intrusions could be detected on the spot, allowing that segment of the network to be rapidly isolated from the whole network,” she said. “That was pretty exciting, and it took us a while, and we were under a lot of pressure to get it up on the network.”
A more regulated and controlled cyber environment developed as technologies continued to advance.
“Now going forward, you can’t put anything on the network unless it’s vetted to make sure none of our adversaries made any components or software,” Thornton said. “Everything is given to us. We are told how to use it, what is expected of us, and it’s all standardized.”
For an IT professional, Thornton said thwarting harmful attacks gave them a chance to flex their skills and get their hands dirty. In 2000, she was recognized for leading one of the Army’s top three installations in intrusion detection.
“I guess it’s probably like how some Soldiers feel after all of their training and finally getting a chance to go out and be a Soldier,” she said. “It’s exciting and it’s a privilege.”
She also felt a sense of duty similar to service members, which only amplified after the 9/11 attacks and the subsequent war on terrorism.
“When the (Twin Towers) were hit and the deployments started, I felt a sense of service and duty that was intense,” Thornton said. “The NEC supported the Soldiers any way we could – range support, tactical support, specialized networks and systems, technical expertise for Battle Command Systems. We hosted video teleconferences for sons and daughters to speak to their deployed parent, streamed graduations to deployed parents, and holiday greetings from deployed parents.”
Thornton said they adopted platoons, wrote letters, and sent care packages throughout the deployments.
Her team also supported the National Guard’s 42nd Infantry Division during Operation Iraqi Freedom.
“That was an experience and honor that I will never forget,” Thornton said. “They were housed with us, working out of our facilities.”
Thornton went from being the information assurance manager and DOIM Automation Division chief to being Fort Drum’s point person to help stand up a cyber division while overseeing all desktop support. A promotion to deputy director at DOIM – now Network Enterprise Center – was inevitable.
But when asked, Thornton said her response was – with all due respect – a “hell, no.”
“I loved what I was doing, and I didn’t want that headache,” she said. “Then when I was asked to be the acting director when he retired, I hesitated. I thought, ‘Can I do this? I think I can make a difference.’ I was worried with all the responsibilities and duties I would have, there were parts of the business I didn’t understand.”
Being named the first woman director at Fort Drum in 2008 did not even register in her mind at the time. Thornton said she was more focused on changing the culture within DOIM and its reputation as being the “can’t do” organization.
“Once I got rolling, I thought I could change the culture, and there were so many stellar people on the team, she said. “This team and I could really support the mission partners and be looked at differently.”
She frequently observed one of her mentors in action, who showed her a more amicable way of customer service.
“I remember her (Judith Gentner, former deputy to the garrison commander) saying to me, ‘You can't say no to people all the time,’” Thornton recalled. “If the answer is no, you try to get to yes. Even when you know the answer is going to be no, you can tell them it’s no at your level, but you're going to try to get that request pushed through for them. Now you become the person that is advocating instead of saying ‘No, you can't do this.’ And it changes that whole way you are received.”
When it became clear that the 7th Signal Command, responsible for the integration, security, and defense of Army networks, would establish regional centers, Thornton made that her mission.
“My strategy was to get Fort Drum out there and get us selected as a region,” she said. “I signed us up for every pilot I could. I raised my hand for anything so I could brief at higher levels. I knew we had to get out there and be known – set our reputation.”
That strategy was working, and Thornton found herself briefing in front of Lt. Gen. John Morrison, former commander of 7th Signal Command and current deputy chief of staff for cyber (G-6).
In her presentation, she listed all of Fort Drum’s capabilities and what made them different from the rest – foremost, having a DOIM comprised wholly of Department of the Army civilians when other installation organizations employed contractors.
“That’s why we’ve always been a site that can really be tapped on the shoulder and go any place to support whoever needs it,” Thornton said.
But in her excitement to brief the commander, she omitted the salient reason for the presentation.
“After I’m done, I thank him for his time and all of that, and he gives me this look,” Thornton recalled. “And he says, ‘Aren’t you going to ask me about that last bullet point?’ I forgot to ask him if he would consider us being a region. I looked at him and said, ‘Sir, I can’t believe I did that.’ And he looked at me, smiled, and goes, ‘You got it. You’re a region.’”
As regional director, Thornton maintained operational control of an area of responsibility that extends beyond Fort Drum and includes Joint Base Dix-McGuire, New Jersey; Fort Buchanan, Puerto Rico; West Point; Fort Hamilton; Watervliet Arsenal; Devens Reserve Forces Training Area, Massachusetts; and the Combat Capabilities Development Command Soldier Center, formerly U.S. Army Natick Soldier Research Development and Engineering Center, Massachusetts. She empowered the success of the Army by providing the information foundation that enables Warfighter Mission Command, assuring freedom of action in cyberspace and denying the same to adversaries.
“My number one role as a leader is supporting the team,” Thornton said. “It’s imperative to me that they know I will always listen to them and value their input. In meetings, I watch, listen, and specifically ask, ‘What are you thinking?’ I value their input. My role is to look out for their future, give them a workplace that is empowering, and offer them opportunities.”
On paper, the Northeast Regional NEC has pages of responsibilities, including cyber operations, the cyber security inspection program, NIPRNet (Non-classified Internet Protocol Router Network) and SIPRNet server administration, fiber infrastructure, IT service continuity management, telephone services, IT contract oversight, mobilization support, communication security (COMSEC) service, and IT training.
Even still, Thornton said that doesn’t fully articulate the capabilities of the NEC team. For example, when Hurricane Sandy ravaged the Eastern Seaboard in 2012, Fort Drum rapidly dispatched a team of experts to Fort Hamilton with critical IT infrastructure repair supplies and equipment.
“The team worked tirelessly, logging 16- to 18-hour workdays,” Thornton said. “The efforts produced immediate capabilities, accommodating the installation and first responder agencies using the installation as a launching point for relief efforts.”
She also recalled how members of the Network Infrastructure Division went to Fort Buchanan, to support relief efforts after Hurricane Maria in 2017. An all-volunteer team of multi-disciplined professionals were on the ground to provide storm damage assessment and repair, establish 24/7 NEC coverage during loss of prime power, and install a land mobile radio repeater system, while also relieving local NEC staff so they could care for their families.
“I think this is an incredible group of people who have stepped up when needed, and there’s a lot of pride here – even though I don’t think people fully understand what we do. There are so many times our team has been right out on the range with the Soldiers during exercises, working side by side.”
“David Davidson has brought many capabilities to Fort Drum that we wouldn’t have received – operational solutions – to the region and the 7th Signal Command theater, which involved pushing uphill tirelessly. Scott Strife has been rated among the best in the Army for cyber tools. Within Desktop Support, Network Services, Business, and Cyber, there are people who are so dedicated to the mission. I think they are all unsung heroes.”
Before joining the federal workforce, Thornton spent a couple of years in New York City as an office system analyst for Philips Information Systems. Returning home, she accepted a nine-month stint on post as database manager contractor.
“It was a short-term contract that I took because I was looking to get back into the computer field,” she said. “That was when night vision was coming out. We were testing at night and collecting data on the capability to utilize ‘Own the Night’ equipment. I was just a data cruncher, but I knew for the first time in my life where I wanted to work – Fort Drum.”
She said she carried that feeling and a passion for cyber throughout her entire career.
“This has been the most incredible experience I could ever have,” she said. “It is. I have learned so much about myself. I’ve become a better person. I have so many onboard skills that I never would have had.”
“I understand facility management, contingency planning, contract, and construction oversight,” Thornton continued. “I have sat around the table with some incredible people and have grown to become a better leader. I have learned how to advocate and to build relationships. I have learned how to be concise and specific. I understand data points, how to analyze, and how to come up with options or stop gaps.”
Thornton said when she was hired at Fort Drum, she knew it was more than just a job. Then, years later, it became more fulfilling a career than she thought possible.
“The Army has taught me so much, she said. “If I hadn't gotten a job at Fort Drum, I wouldn't be the capable person I am – to be decisive, to be resilient, to understand the threats and really know what is happening in the world. And why our Soldiers are so important and why we need to honor them.”
Thornton said she intends to stay active in retirement.
“I have always believed my life has been given to me to give back in some compacity,” she said. “I have a retirement strategy that I laid out a few years back. It involves volunteering at Hospice with one of my service/therapy dogs, to be a part of the local SPCA board or other community service, serve in some capacity in supporting our veterans, plus self and physical wellness, and family and friends, always. I don’t want my military service to be the last positive thing I do.”
| Date Taken: | 01.13.2025 |
| Date Posted: | 01.13.2025 08:32 |
| Story ID: | 488976 |
| Location: | FORT DRUM, NEW YORK, US |
| Web Views: | 1,819 |
| Downloads: | 0 |
This work, Fort Drum bids farewell to distinguished cyber leader, by Michael Strasser, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.
No keywords found.
