Organizations benefit from improved cybersecurity threat detection capabilities if they share information in a community of their peers. However, organizations are unlikely to share the sensitive information that is most valuable as this poses individual risks. Information sharing in cybersecurity communities therefore forms a collective action problem. Currently, cybersecurity information sharing is being studied primarily as a technological challenge. Drawing on theory from economics and the social sciences, this study proposes governance requirements to overcome individual interests and improve information sharing. These are used to design a governance structure for the case of the National Detection Network, a cybersecurity community initiated by the government of the Netherlands. The proposed governance meets interests of parties through a process of interactive decision-making in four phases, while incentivizing sharing of cybersecurity information. Lessons are drawn from the case for cybersecurity communities in general.