It was proposed1 that data fusion techniques should be used to enhance situational awareness into network security events. However, since then, there have been few successes in adopting multi-sensor data fusion technologies for cyber security. This may be due to limited understanding of the entire data fusion process and it can and should be applied in cyber security. Researchers appear to be focused on using network-based intrusion detection systems and fusing their outputs to gain a more full understanding of undesired activities on the network. While there has been some success in this effort, overall awareness of the current status of the network and projection of future actions of adversaries has still not been achieved. The problem is much more complex and requires the fusion of data from widely varied sources, using multiple algorithms to achieve fusion and awareness at different levels and contexts. Most importantly, it must be understood that these tools are situational awareness aids. Their objective is to assist the human cyber security analyst and therefore must take into account human cognitive capabilities. The goals of this research, therefore, are to describe the JDL Data Fusion Process Model in cyber security terms (Section 2), categorize and describe the efforts of previous research in this domain (Section 3) and suggest areas for future work (Section 4).