In a malware attack against enterprises, an incident scope generally refers to the extent of damage against the organization, how much data has been stolen, what the attack surface is, and how much it would cost them to resolve the attack and prevent it from happening again in the future.