Increasingly cybersecurity professionals are starting to look like scientists - we collect evidence, set up a hypothesis, analyze it and drive to a conclusion and decision. This requires technical capabilities that can utilize pattern matching, exploration and statistical inference based on the underlying relationships between data. We see graph technologies as a core component of making these analysis techniques more accessible to operators. But there is still a way to go towards making it a reality. Starting from the first step of developing a data model to repurposing your bespoke analysis methods, there are plenty of challenges along the way. Initiatives like CyBOX and STIX that represent cyber data in a standardized taxonomy and ontology are steps in the right direction. Increasingly cyber data representation is moving towards a standardized taxonomy and ontology, like CyBOX and STIX, that can be easily represented in a graph data model. In our talk we discuss how to address the challenges of designing a practical data model and implementing it using Neo4j’s graph technology. In the following section, we will explain how this data model is operationalized for Project Balerion.