Realistic cyber attack and data exfiltration

Hiya, I am trying to create a realistic cybersecurity scenario for response testing. I am not a Pentester but work in info sec. The scenario I have developed covers how the attacker gets in to the system and could extract the data from a web app (getting round MFA). I wanted to ask would there be a way to encrypt the data so that if a mass export was done by the attacker it would bypass IDS/IPS. Many thanks