This article features the necessity and requirement of multisensor data fusion for building next-generation cyberspace intrusion detection (ID) systems, in order to effectively create cyberspace situational awareness. Recent industry studies forecast the consumer market for security assessment tools will grow from approximately $150 million per year in 1999 to over $600 million in 2002. This article provides a brief review of ID concepts and terms, an overview of the art and science of multiples data-fusion technology, and introduces the ID systems data-mining environment as a complementary process to the ID system data-fusion model. The latter is a rules-based pattern matching system where audits are matched against subject profiles to detect computer misuse based on logins, program executions, and file access. Waltz introduces some of the generic sensor characteristics such as detection performance based on false alarm rate and spatial coverage, that can be applied to next-generation cyberspace ID systems. Data fusion uses known ID templates and pattern recognition. Data mining processes search for hidden patterns based on previously undetected intrusions, to help develop new detection templates, in addition, focuses on the current state of the network based on past data based on operations of clustering, association and statistical analysis