A dynamic network analysis is conducted on network flow data to demonstrate an improvement in cyber situational awareness. The analysis begins by collecting network-level data (density, network centralization total degree, and fragmentation) on samples of network flow data using the SiLK collection and analysis suite. The next phase categorized the data into four types: autonomic inflow, autonomic outflow, human inflow, and human outflow. Using the CASOS tool ORA, a series of dynamic network analyses were performed on each hour of the data. The results showed variations between the autonomic and human traffic that can be used by firms to gain more detailed understanding on how traffic behaves on their computer networks. The more granular profiles of operations permit separate understanding of automated and manual processes. The network science techniques provide a basis for providing these improvements in a systematic and repeatable manner.