Over the past 12 years, Cisco has published over 50 academic papers on the topic of cybersecurity analytics and a multitude of open source. We have done this because we believe that this area of study must remain transparent and open. Having said that, getting a good grade on your paper and being effective on the battlefield of the Internet is very different. Taking concepts from academia research and then applying it in the world, at scale, and with real nation state threat actors in play is something we think we have done well. Sharing this experience is important because if we can save anyone time and resources we have added value to our fight. The team that took the academic research of Encrypted Traffic Analytics to production would like to share with you the do's and don’t's of Machine Learning, point out unique requirements in Cybersecurity analytics versus others, and leave you with a very pragmatic criteria as you apply the most advanced analytics to your Cyberspace operations. This talk is appropriate for folks hands on in the data science or those who are just interested in the outcomes. We in the Advanced Threat Group at Cisco are working every day to bring machine scale observations down to human scale understanding.