One of the recommendations in the recently published McPartland Review of Cybersecurity and Economic Growth is the establishment of a ‘Cyber Charter’ to “empower large companies to share their cybersecurity expertise and resources with their 3rd party critical suppliers”. Evidence certainly suggests cybersecurity disparities between larger organisations and SMEs, with the smaller players often at a disadvantage in terms of understanding and acting upon cyber issues. At the same time, cyber incidents affecting them can have knock-on impacts for others. With this in mind, to what degree can we take a more community-based approach to cybersecurity experiences and expertise? Can larger organisations help to support those in their supply chain ecosystem? Can SMEs have a role in collectively supporting themselves?