Well for starters, most of that work is done by our compliance folks. The group that I'm in just manages the infrastructure.
I'm fairly confident thought that spreadsheets would easily be detectable provided the information wasn't encrypted within the spreadsheets.
Most of the alerts are generated by folks themselves doing personal business while at work.
As for the stuff we might not be able to detect - again - encryption is key (pun intended).
But in all honesty a lot depends on the data classification, which is set by the data owner.
Confidential data is supposed to be encrypted while the data is at rest and while it's in motion.
In that regard the data leakage products aren't going to see it.
(Yes I know a malicious actor could just as easily encrypt our own precious data and send it to themselves undetected.)
Look, security is a balancing act. A company could make their network more secure than it is but no work could get done if they did. No company can be expected to plug all the holes that might exist, but you look for the highest risks with the largest impacts and you mitigate those risks accordingly.