Vendors such as Damballa, FireEye, Lastline and General Dynamics Fidelis Cybersecurity Solutions apply intelligence to outbound traffic to spot possible malware in the network.
"I call the posture assumed breach," Morales said. "Instead of trying to stop breaches, I try to stop data loss."
In general, the technology checks the IP addresses where data is heading and compares them to a continuously updated blacklist of known addresses used by cybercriminals.
The technology can also analyze packets to determine whether they contain characteristics indicative of malware.
Currently, these types of systems require a combination of hardware and management services provided by the vendor, Morales said.
As the technology matures, he expects more automation and less of a need for outside services.
"Right now, there's too much manual processing (of data)," Morales said.
Sign up for CIO Asia eNewsletters.