Securing Sarawak’s Digital Future: How Nexusguard Empowered Irix and SAINS to Overcome DDoS Threats and Build Cyber Resilience

In the heart of Borneo, where lush rainforests meet ambitious innovation, Irix (formerly PP Telecommunication) stands as a testament to Sarawakian vision and determination. Founded in 2008 and fully owned by Sarawakians, Irix is more than just a telecommunications company — it is a catalyst for progress, fully licensed by the Malaysian Communications and Multimedia Commission (MCMC) as a Network Facilities Provider (NFP), Network Service Provider (NSP), and Application Service Provider (ASP).

‍

Driven by a mission to transform Sarawak into a digital powerhouse, Irix is committed to building a world-class telecommunications infrastructure. This vision aligns seamlessly with the Sarawak State Government’s Digital Economy Transformation initiatives, aiming to bridge the digital divide between urban and rural communities. By doing so, Irix is not only connecting people but also empowering them with the tools to thrive in a rapidly evolving digital landscape.

‍

With aspirations to become the Regional Telecommunication Gateway for Borneo, Irix leverages strategic partnerships, including its collaboration with Nexusguard, to deliver cutting-edge cybersecurity solutions. 

‍

SAINS: Spearheading Sarawak’s Digital Transformation

‍

Wholly owned by the Sarawak State Government, the private limited company SAINS has emerged as a leading ICT Systems Integrator and Solutions Provider, driving technological advancement across the region. With decades of expertise and a commitment to excellence, SAINS specializes in delivering comprehensive business solutions and end-to-end IT services, tailored to meet the unique needs of its customers.

‍

Since its inception in 1991, SAINS has played a pivotal role in computerizing the Sarawak Government, laying the foundation for a more connected and efficient public sector. 

‍

Unmasking SAINS' Cybersecurity Vulnerabilities

‍

The 2019 DDoS Attack: A Wake-Up Call

‍

As a state-owned ICT Solutions Provider, SAINS carries the critical responsibility of safeguarding its infrastructure and ensuring robust cybersecurity measures are in place to protect both its operations and its customers. However, this responsibility comes with significant challenges, as highlighted by a pivotal incident in 2019.

‍

SAINS' network was hit overnight by a Distributed Denial of Service (DDoS) attack, crippling its systems for several hours. This outage not only disrupted SAINS' operations but also impacted its downstream customers, many of whom rely on SAINS to manage and control their agency networks. At the time, SAINS relied on a DDoS mitigation solution provided by one of its upstream providers. Despite this, the provider was unable to deliver a root cause analysis or even basic insights into the attack, leaving SAINS in the dark about what had occurred.

‍

This incident exposed several critical vulnerabilities and challenges for SAINS:

‍

Limited Expertise from Upstream Providers: SAINS realized that its upstream provider was not a true Managed Security Services Provider (MSSP) and lacked the necessary expertise to handle sophisticated cybersecurity threats effectively.

‍

The Need for In-House Expertise: The attack underscored the importance of having skilled cybersecurity professionals within SAINS itself. Relying solely on external providers was no longer sufficient; SAINS needed its own team capable of understanding, managing, and responding to cyber threats proactively.

‍

The Demand for Proactive Solutions: SAINS recognized the need for a cybersecurity solution that it could manage independently. This solution would not only mitigate threats but also provide real-time notifications and insights during incidents, enabling SAINS to respond swiftly and effectively.

‍

SAINS' Quest for Cybersecurity Resilience

‍

Building a Cybersecurity Roadmap

Faced with the critical challenges exposed by the 2019 DDoS attack, SAINS embarked on a mission to find robust solutions and strategic partnerships to fortify its cybersecurity defenses. Recognizing the need for a comprehensive approach, SAINS focused on three key considerations to address its vulnerabilities and ensure long-term resilience:

‍

Exploring Available Solutions
SAINS began by researching the wide range of cybersecurity solutions available in the market, evaluating both on-premise and cloud-based options. The goal was to identify tools and technologies that could provide proactive protection, real-time threat detection, and incident response capabilities. 

‍

Building In-House Expertise
Understanding that relying solely on external providers was no longer viable, SAINS committed to investing in its own cybersecurity talent. This involved hiring skilled professionals and establishing a dedicated Security Operations Center (SOC) team. The SOC would operate 24/7, monitoring the network, analyzing threats, and responding to incidents in real-time. 

‍

Partnering with a True MSSP
To complement its in-house efforts, SAINS sought to collaborate with a reputable MSSP. Unlike its previous upstream provider, a true MSSP would bring specialized expertise, advanced tools, and a proven track record in managing complex cybersecurity threats. This partnership would provide SAINS with additional layers of protection and support, ensuring a more holistic defense strategy.

‍

Irix Steps Up: A Strategic Partnership for Cybersecurity

Amidst the mounting challenges and the urgent need for a reliable cybersecurity solution, SAINS found a trusted partner in Irix. The decision to partner with Irix was driven by several compelling factors, making Irix the ideal collaborator to address SAINS' pressing issues:

‍

Shared Vision and Responsibility
Both SAINS and Irix are deeply rooted in Sarawak's development, appointed by the state government to drive technological progress. Their shared mission—"for Sarawak, by Sarawakians" — created a natural alignment, fostering a partnership built on mutual goals and a commitment to the region's growth.

‍

Irix's Emerging Leadership
As the newly appointed service provider for Sarawak, Irix brought fresh energy and innovative solutions to the table. Their forward-thinking approach and state-of-the-art infrastructure positioned them as a key player in Sarawak's digital transformation journey.

‍

Tier IV Data Center Excellence
Irix stood out as the only provider in Sarawak with a Tier IV-certified Data Center (DC), the highest standard for data center reliability and performance. This world-class facility offered unmatched security, redundancy, and uptime, making it the perfect home for SAINS' critical operations.

‍

Seamless Migration Strategy
Recognizing the need for a more robust and secure environment, SAINS decided to migrate its Data Center operations to Irix's Tier IV facility. This move not only addressed SAINS' immediate cybersecurity concerns but also future-proofed its infrastructure, ensuring scalability and resilience for years to come.

‍

Nexusguard: The Cybersecurity Ally in Irix-SAINS’ Mission

‍

Driving Growth and Security: Nexusguard’s Role in Irix’s Success

While Irix was working diligently to resolve SAINS' challenges and build its own network, it recognized the need for a strong partner to enhance its cybersecurity capabilities. This is where Nexusguard entered the picture, becoming an indispensable partner in Irix's mission to deliver top-tier protection and services.

‍Wei Kai Sng, Executive Director at Irix, reflected on the partnership: “Faced with securing SAINS' infrastructure against DDoS attacks, Nexusguard provided a fully managed solution that protected our networks and enabled us to deliver premium cybersecurity services. Their advanced platform gave SAINS unparalleled visibility and control, while their flat-rate pricing eliminated financial risks during attacks. This collaboration allowed us to scale seamlessly, securing a 10-year contract with SAINS and significantly boosting our revenue.”

‍

The partnership with Nexusguard enabled Irix to achieve several key breakthroughs:

‍

A Fully Managed Solution
Nexusguard provided Irix with a comprehensive, fully managed cybersecurity solution, significantly reducing the burden on Irix's Network Operations Center (NOC) team. This allowed Irix to focus on its core operations while ensuring its network remained secure and resilient.

‍

Premium Protection for SAINS
With Nexusguard's advanced platform, Irix was able to offer SAINS a premium protection service featuring individual dashboards, a multi-tenancy platform, granular profiling, and detailed monthly reporting. This not only enhanced SAINS' security but also provided them with complete visibility and control over their network.

‍

Strategic Pricing and Revenue Growth
Leveraging Nexusguard's expertise, Irix was able to quickly craft competitive service pricing and structure. This partnership unlocked new revenue streams, allowing Irix to upsell its services. Without Nexusguard, Irix would have secured only a MYR 5 million (≈USD 1.1 million) contract for Dedicated Internet Access (DIA) services. However, with the addition of Clean Pipe DDoS protection, SAINS awarded Irix an additional MYR 1.5 million (≈USD 330,000) annually — a 10-year contract that significantly boosted Irix's revenue.

‍

Ready-to-Scale Business Model
The collaboration with Nexusguard empowered Irix to immediately bundle its DIA and IP Transit services with DDoS protection, without the need for additional investments in technology or hiring more cybersecurity experts. This scalability positioned Irix as a reliable and agile provider in the market.

‍

Anchor Customer and Future Profitability
With SAINS as its anchor customer, Irix gained a strong foothold in the market. The success of this partnership meant that future customers would contribute almost pure profit, as the foundational infrastructure and expertise were already in place.

‍

By teaming up with Nexusguard, Irix not only strengthened its own capabilities but also transformed its business model, setting the stage for sustained growth and success in the competitive telecommunications landscape.

‍Wei Kai Sng added: "Beyond the technical and financial benefits, Nexusguard’s expertise and support have been invaluable. Their team worked closely with us to ensure a smooth implementation, and their proactive approach to cybersecurity has given us the confidence to tackle even the most complex threats. Nexusguard isn’t just a vendor — they’re a true partner in our mission to safeguard Sarawak’s digital future."