This seems weird until you remember that fast food actually gets delivered now
“Sensitive information sent to non-company email addresses“
The expected outcome from this recipe is a list of emails sent outside the company.
Crawl your data sources and assign them to datasets appropriately.
When ingestion is complete, open the advanced search menu. There are many flavours of PII and SPI which are automatically detected in NOW Privacy. Use the “count” types of PII to detect files above a threshold of PII which meets your risk concerns.
If you are searching for a different kind of sensitive information, try looking for terms which are specific to that kind of document or information.
Specify that you are looking for emails by using the file type and/or by specifying the datasets to those which correspond to your email servers.