To understand digital technologies…

Digital technologies promise to make life easier for customers. Yet behind every seamless digital service lies a web of interconnected systems. From hospital networks to financial institutions, firms build sophisticated back-end technologies so front-end experiences feel effortless. The same technologies that simplify life for customers can create chaos for organizations, manifesting as IT outages, algorithmic biases, and cybersecurity breaches.

Practitioners and researchers often treat all large systems as “complex,” assuming more components automatically mean more risk. Complexity is even called the “worst enemy” of cybersecurity. But this view overlooks something crucial.

My research draws on complexity science (an interdisciplinary realm of scholarship based on iterative, dynamic, and highly sensitive equations) to clarify a key distinction between complicated and complex systems. Having many interconnected parts does not, by itself, make a system complex. A complicated system has components that connect in structured and well-understood ways, such as an airplane engine with thousands of coordinated parts. A complex system, in contrast, arises when components interact in ad hoc and nonlinear ways, producing outcomes that can’t be fully predicted or controlled. These interactions create a state where one tiny change can cascade into disproportionately large ones, much like the butterfly effect, where fluttering wings can influence a distant storm.

Organizations often add back-end technologies to simplify and enhance customer experiences. The more systems they connect, the more complicated things become, but that’s manageable if information flows through standardized, well-governed channels. Problems arise when systems form adaptive, unstructured connections. Complicatedness then becomes complexity, leading to the issues described above — not because of too much technology, but because of uncontrolled interactions among technologies.

My research shows how organizations can tame complexity rather than fear it. Standardized data sharing and aligned stakeholder governance help structure interactions and restore control. Counterintuitively, adding technology can sometimes simplify a system if the addition helps organize information flows. For example, health systems whose hospitals rely on incompatible IT and ad hoc patient data exchanges face more cybersecurity breaches. Yet implementing an enterprise-wide data warehouse to standardize data flows tames complexity and reduces breaches.

Complexity in digital technology is not the enemy; it’s a force to be understood and harnessed. As organizations deploy AI to simplify human tasks, new complexities emerge. The next frontier is designing governance and control mechanisms that keep AI-driven complexity risks in check, so intelligent automation simplifies work without making organizations harder to manage.

Tanriverdi, H., Kwon, J., and Im, G. (2025). “Taming Complexity in the Cybersecurity of Multihospital Systems: The Role of Enterprise-Wide Data Analytics Platforms.” MIS Quarterly, 49(1), 243-274.

Benbya, H., Nan, N., Tanriverdi, H., and Yoo, Y. (2020). “Complexity and Information Systems Research in the Emerging Digital World.” MIS Quarterly, 44(1), 1-17.

Back to December 2025 Research Newsletter