Government initiatives (E8, CTIS, CI-UP) and legislation (SOCI) address Cyber Assurance, Reporting and 'machine to machine' sharing requirements, however a community-based approach (focussed on cyber intelligence sharing and collective cyber defence) is needed to materially uplift cyber defences. Existing Information Sharing & Analysis Centres (ISACs) operating in Australia are sector specific, and do not adopt a risk-based approach to intelligence sharing. This coupled with many CI public and private sector entities lacking the knowledge, resources or capabilities to effectively participate results in many being excluded. While some cyber attackers may prefer certain sectors or targets, common attack techniques are employed broadly and taking a threat-informed, risk-based approach enables intelligence to be used as a tool to shift from a reactive to proactive defensive posture. The CI-ISAC is a Not for Profit (NFP) dedicated to building communities to leverage the network effects of risk-based intelligence sharing, while also building central capabilities to help resource constrained entities and their service providers participate effectively.