Brian Madden's intellectual foundation

This document synthesizes the core ideas, frameworks, and arguments from Brian's published work on AI and the future of work (~2023–March 2026). It represents the intellectual foundation for understanding AI's impact on knowledge work and the enterprise.

Last updated: March 12, 2026 (34 posts through March 12, 2026)

Core thesis

The real AI transformation is happening worker-by-worker, not top-down.

Brian's central argument across all posts is that corporate-led AI initiatives consistently fail to deliver measurable value, while individual workers using consumer AI tools (ChatGPT, Claude, Gemini) are quietly transforming how knowledge work gets done. This is not shadow IT to be contained—it is shadow strategy to be enabled.

The transformation follows a predictable pattern: workers discover AI helps them, they incorporate it into their workflows without waiting for permission, and they get results that IT-led initiatives cannot replicate. This happens because workers have access to the "invisible 80%" of their own work—the tacit knowledge, judgment, patterns, and context that no external observer can see or document.

The enterprise response should not be to block, restrict, or replace worker-chosen tools with inferior "approved" alternatives. Instead, enterprises should secure the environment where work happens, not the specific tools workers use. The workspace becomes the control plane—the governance boundary where apps, identity, security, and context converge around the worker.

This thesis has three interconnected implications:

1. Worker-led adoption will always outpace corporate AI programs
2. The workspace (not the model) is where enterprises should focus
3. AI agents will eventually need the same governance as human workers

Frameworks

These named models provide lenses for analyzing AI's impact on knowledge work. Each is a standalone explainer.

• The 7-stage roadmap for human-AI collaboration
• The workspace as control plane
• The invisible 80% of knowledge work
• The bitter lesson of workplace AI
• The factory electrification analogy
• The cognitive stack
• The post-application era
• Subscribable brains
• The five levels of AI in knowledge work

View all frameworks

Key arguments

Why worker-led AI beats corporate AI initiatives

The argument: Corporate-led AI fails because outsiders can only see 20% of knowledge work—the outputs, emails, documents, meetings. The other 80% lives in workers' heads: reasoning, pattern recognition, judgment, tacit knowledge. Workers have access to their full 100% and can design AI workflows around it. IT cannot.

The reasoning: Real knowledge work is fluid, reactive, different every day. It's not simple and repetitive enough for automation studios. Even where automation could help, workers think like managers, not programmers. They want to delegate tasks, not build systems.

Key examples:

• AJ the insurance negotiator: 40 years of tacit knowledge about which insurers compromise on what. Consultants failed until they flew to Dallas and sat with him for 3 hours. His 80% didn't show up in the data.
• Workers screenshotting corporate data to upload to ChatGPT, maintaining shadow workflows because IT won't integrate their tools
• McKinsey's case studies require consultant-heavy transformations; workers get similar gains with $20 ChatGPT subscriptions

Why the workspace (not the model) is what matters

The argument: Model performance is converging. Whether you use GPT-4o, Claude 4, or Gemini 2.5, it doesn't really matter. Differentiation comes from the environment: what can the model do with your data, apps, tools, policies, and workflows? The smartest model is useless without proper access.

The reasoning: AI needs to be governed across multiple layers (apps, browsers, OS, standalone tools). Each layer has its own admin console and policy language. Trying to govern AI by controlling which tools workers use creates policy holes. Governance must work across layers, and the only place that happens is the workspace.

Key framing: "Forget the model wars. The real AI race is in the workplace." The winner won't be the best AI model or most integrated AI feature. The winner will be whoever provides the governance abstraction that works across all the layers.

Why boring infrastructure wins

The argument: In a world where everyone pivots to be "AI-first," providing stable, reliable infrastructure is strategic. Enterprises move slowly. They have legacy systems from the '90s. They have compliance requirements. Workers need to get things done today.

The reasoning: Every technology wave (web apps, virtualization, cloud, mobility, SaaS) followed the same pattern: hype, enterprise resistance, messy bridging of old and new, boring infrastructure becomes the critical enabler. AI is no different.

The historical proof: Citrix succeeded in the late '90s not by replacing Windows apps with web apps, but by providing a modernization wrapper that delivered existing apps with modern benefits (central management, any-device access, better security). The same approach applies to AI: don't replace the enterprise stack, wrap it with AI-friendly governance.

The "invisible 80%" of knowledge work

The argument: Corporate-led AI transformations fail because they can only see and measure 20% of knowledge work—the visible outputs. The other 80% is the real knowledge work: reasoning, pattern recognition, judgment, tacit knowledge. This 80% cannot be extracted, documented, or scaled through IT processes or consultants.

The reasoning: Workers are their own anthropologists. They know (even if unconsciously) their shortcuts, workarounds, and patterns. When they wire Claude into their routine, they're incorporating their 80% directly without having to articulate it first.

The uncomfortable truth: The 80% that matters most can only be unlocked by the people who already have it. Worker-led AI isn't shadow AI—it's the only path to real transformation that works.

AI agents as insider threats requiring human-like security

The argument: AI agents are autonomous workers, not tools. They read, write, execute code, access applications, and make decisions. They can be compromised just like humans: prompt injection instead of phishing, poisoned training data instead of social engineering. They need the same guardrails.

The reasoning: If your AI doesn't have an identity, an attacker will give it one. Without defined identity, agents become perfect insider threats: never sleep, never question orders, operate stupidly fast. The solution isn't to make AI "safer"—it's to acknowledge that AI agents operate in an unsafe world and build appropriate controls.

The security model for AI agents:

• Verified identity (for the agent, not the human it's working for)
• Role-based access controls
• Complete action logging
• Behavioral analytics
• Authorization workflows (human approval for sensitive operations)
• Session recording

The principle: Secure the work itself, not just the worker. Whether human or AI, the work needs to be secured at the point where it happens.

The real AI security risk

The wrong risk: "What if a worker pastes our secret recipe into ChatGPT and it ends up in the model?" This isn't how LLMs work—your Tuesday afternoon prompt doesn't get folded into GPT-5's knowledge base.

The real risk: What AI does, not what it learns. AI agents execute actions: paste internal data to public sites, delete important files, forward confidential documents due to ambiguous voice commands, fall for prompt injections. The breach won't be exfiltration—it will be execution.

The implication: This is a workspace governance problem, not a model training problem. The solution requires visibility into what agents are doing, what systems they're touching, what actions they're taking on behalf of workers. The governance boundary must be the workspace itself.

The post-application era

The argument: AI has created 10,000 accidental citizen developers in your company. The old ratio (one app per ten users) has inverted to ten apps per employee. Software creation costs approaching zero means every worker is a potential developer.

The reasoning: AI-generated apps are ephemeral, undocumented, interconnected, constantly evolving, and invisible. This isn't shadow IT (implying a "bright side" where official IT lives)—it's alternate universe IT.

The response that doesn't work: Lock everything down, block AI tools, require approval for any automation. Workers will circumvent restrictions or leave.

The response that does work: Manage the environment, not the apps. You can't vet 10,000 apps, but you can secure the workspace where they operate. You can't document every workflow, but you can monitor what's happening. You can't approve every automation, but you can control what data and systems they access.

AI will be THE interface to knowledge work

The argument: The primary human interface for knowledge work is shifting from apps to AI platforms. Apps recede into infrastructure that AI operates on workers' behalf. This happens gradually as AI proves reliable on simple tasks and workers' trust expands.

How AI accesses enterprise systems today:

• Modern apps via connectors (Gmail, Slack, Salesforce)
• Web apps via browser control (AI navigates, clicks, fills forms)
• Legacy apps via computer-using agents (CUAs see screens, move mice)
• Direct file manipulation (Excel, Word, PDF without launching apps)

The trust expansion pattern:

1. AI as another app alongside every other app
2. Workers try simple, low-stakes tasks with AI
3. AI proves reliable, workers try harder tasks
4. Proportion shifts: more time with AI, less time in apps directly
5. Eventually: "Wow, I haven't opened Excel in two months"

The bottom line: Apps are just middleware between humans and data. AI doesn't need that middleware. What becomes more important: governed access to files and data, identity management for humans and AI, audit trails, permission systems, review interfaces.

The "faster horse" self-correction

The argument: Brian's own year-one frameworks—the 7-stage roadmap, the agent security model, the workspace governance arguments—were "faster horse" thinking. They assumed work was still happening within the traditional structure and asked how AI enters that model. But the model itself is dissolving.

What changed: Second brains revealed that work is breaking out of the visible 20% container. The 80% (cognition, judgment, tacit knowledge) was never in any system, and no year-one framework deeply considered it. The governance question isn't "which apps are workers using?" but "what data sources is a worker's AI connecting to, what is it absorbing through screens and microphones, and where is that knowledge flowing?"

Why this matters: Brian publicly correcting his own published frameworks is a credibility move. It signals intellectual honesty and positions him as someone whose thinking evolves with evidence rather than defending past positions. The year-one frameworks aren't wrong—they're incomplete. They describe the visible 20%. The year-two work addresses the 80%.

Five levels of AI-assisted knowledge work (the coding-as-leading-indicator framework)

Adapted from Dan Shapiro's five levels of AI-assisted coding, this framework maps the trajectory of AI in knowledge work by treating software engineering as a leading indicator. The core method: take any observation about AI's impact on coding, do a Mad Libs find-and-replace (code→deliverables, engineer→knowledge worker, tests→success criteria), and the insight transfers directly.

Level 0: AI is a spicy search engine. The knowledge worker does the work. AI is a better search tool. The deliverable is unmistakably human. This is most enterprise knowledge workers today.

Level 1: AI is a research intern. Discrete tasks offloaded. "Summarize this." "Draft a response." Speedups are real but the human is still producing. This is most people's experience with Office Copilot.

Level 2: AI is a junior analyst. Pair-working in persistent collaboration spaces (NotebookLM, Claude Projects). Flow state. More productive than ever. The danger: from Level 2 on, workers feel they've maxed out. They haven't.

Level 3: AI is an analyst. The human is no longer producing—they're managing. AI generates strategy decks, analyses, communications. Life is tracked changes. For many, this feels worse. Almost everyone tops out here. This is where second brain users are.

Level 4: AI is a strategy team. The human writes specs, defines acceptance criteria, crafts evaluation rubrics. They don't review line by line—they check whether output passes their scenarios.

Level 5: AI is a dark knowledge factory. The human sets goals in plain English. AI defines approach, produces deliverables, evaluates quality, iterates, ships. A handful of people running what used to be an entire function. The verification framework is the IP, not the reports.

Key insight: The hardest question at Levels 4-5 is verification: how do you know the AI's work is any good without human review of every piece? In code, the answer was end-to-end behavioral tests stored separately from the codebase. In knowledge work, it maps to rubrics-as-holdout-sets (evaluation criteria that live outside the generation process) and adversarial review agents (a different AI, prompted as skeptical board member or hostile competitor, stress-testing the output). This verification problem is a governance question nobody has a playbook for yet.

The punchline: Frontier coding teams are at Level 4-5 today. Frontier knowledge workers are at Level 1-2. Look at what coders are doing now to see what knowledge work looks like in 18 months.

The cognitive stack

This framework names the full hierarchy from human intent to mechanical execution, explaining why enterprise AI investments focused on agents and automation miss the transformative layer. Builds on Karpathy's "claws" concept (personal AI agents as appendages that serve the brain) and Brian's earlier delegation thesis (Dec 2025).

Five layers:

1. The worker: States intent and exercises judgment. The human decides what matters, what's urgent, and what the goal actually is.
2. The cognitive extension ("the brain"): The thing you actually talk to. Holds your full context: who the participants are, the preferred format, what's sensitive, what happened in the last meeting. Plans the approach and sequences the work.
3. Skills: Coherent chunks of capability. Process a meeting transcript, draft an email, research a competitor, check a calendar. Each handles a meaningful piece of work with some autonomy.
4. Agentic sub-processes: The agents that reach into systems, navigate interfaces, call APIs, coordinate with other agents. This is where all the "agent" hype lives—the second-lowest-value layer.
5. Interfaces: APIs, MCP, CUA, RPA, A2A, file interfaces, connectors, webhooks, scripts. The simplest, most mechanical, most interchangeable commodity infrastructure layer.

Why this matters:

• The enterprise AI industry is spending billions on layers 4 and 5 while the real transformation lives at layer 2
• Two trajectories are colliding in the middle: automation vendors built bottom-up (simple scripts to intelligent agents), AI companies entered top-down (intent to decomposition). They overlap at skills/agents, but humans prefer to connect at the intelligence layer
• The cognitive stack mirrors how organizations already work—more thinking at the top, more doing at the bottom. This is the shape intelligence naturally takes when coordinating complex work
• The brain layer is what a second brain actually is: workers start with a cognitive layer that holds their full context, and when it needs to reach into real-world systems, it spawns agents. The agents are disposable. The intelligence is the product.

Key insight: Nobody's strategy for building a great organization is to keep making task workers incrementally smarter until one of them figures out how to be the VP—yet that's essentially the enterprise AI strategy of investing in agents and automations and hoping cognition emerges from the bottom up.

The consumerization parallel (and why it breaks)

The argument: Personal AI adoption follows the consumerization-of-IT pattern from the early 2010s: workers want something, IT says no, workers use it anyway, eventually IT provides a sanctioned version. The BYOD playbook.

But the parallel breaks: In BYOD, corporate iPhones with MDM were basically as good as personal iPhones. The gap was closable. With personal AI, the gap is structural and widens. Corporate AI must limit what it accesses (that's what governance means), but that limitation is what makes it less useful. Personal AI absorbs everything—ambient audio, screen content, hallway conversations. Corporate AI never should. The constraints that make corporate AI governable are the same constraints that make it less capable.

The implication: The BYOD question was "how do we provide a corporate version as good as the personal one?" That had an answer. The personal AI question is "how do we govern a work environment where personal AI operates alongside corporate AI?" That's a workspace problem.

The second brain as published thesis

A second brain is a folder of plain text files on a laptop that an AI reads, maintains, and builds on daily. The AI connects conversations across days, updates knowledge bases, reconciles contradictions, and compounds over time. The 80/20 framework: enterprise AI automates the scaffolding (20%), a second brain amplifies the cognition (80%).

Because everything is just files, brains can connect via git and MCP—creating subscribable knowledge infrastructure. "A second brain gives everyone a staff."

Subscribable brains as distribution model

Experts publish structured markdown repos. Subscribers sync via git/MCP and integrate into their own AI systems. The creator's maintenance of their own second brain is the product—zero incremental production effort. $100/month for an expert's living knowledge system vs. $10-20 newsletter vs. $25K+ consulting engagement.

Enterprise implications: consulting firms where juniors carry seniors' accumulated knowledge, retiring VPs whose institutional wisdom persists, corporate brand/strategy modules wired into every employee's AI. ---