About OpenDLP-LK

Building Sri Lanka's open-source data protection ecosystem

Our Mission

OpenDLP-LK exists to democratize enterprise data protection for Sri Lankan organizations. We believe every business—regardless of size or budget—deserves access to world-class Data Loss Prevention guidance and tools.

By creating open-source, PDPA-aligned resources, we're building a foundation for data security excellence across Sri Lanka's digital economy.

Why We Exist

Growing Threat Landscape

72% of data breaches involve cloud assets. Sri Lankan enterprises face increasing cyber threats but lack localized DLP guidance.

PDPA Compliance Mandate

Sri Lanka's Personal Data Protection Act (No. 9 of 2022) requires robust data protection measures. Non-compliance carries penalties up to LKR 10 million.

Cost Barrier

Commercial DLP consultancy can cost USD 50,000-500,000. Many SMEs can't afford this, leaving critical data exposed.

Lack of Local Context

Generic DLP guides don't address Sri Lankan data patterns (NIC formats, banking standards) or Sinhala/Tamil language support.

What We Provide

Implementation Guide

5-phase roadmap covering planning, discovery, policy, pilot, and monitoring

Policy Templates

Ready-to-customize templates for DLP policies, incident response, and governance

Data Patterns

Sri Lankan NIC formats, banking patterns, mobile numbers, and language detection

Champions Program

Training materials and certification for department-level data protection leaders

PDPA Toolkit

Gap analysis tools, compliance checklists, and regulatory mapping

Tools & Scripts

Open-source automation scripts and data discovery utilities

Community-Driven

OpenDLP-LK is built by security professionals, data protection officers, legal experts, and developers across Sri Lanka. We welcome contributions from:

Security Professionals

Legal Advisors

Developers

Enterprise IT

Academics

Compliance Officers

Our Principles

1

Open & Accessible

All resources are free, open-source, and available to everyone

2

Practical & Actionable

Focus on implementable solutions, not theoretical concepts

3

Locally Relevant

Built for Sri Lankan context, regulations, and data patterns

4

Community First

Driven by collective expertise, not commercial interests

5

Continuously Evolving

Updated regularly with new threats, regulations, and best practices

Get Involved

Join us in building Sri Lanka's data protection future

Contribute View on GitHub