Nym Taps Lori Jones as CEO to Scale Privacy Infrastructure

Nym Technologies, the Switzerland-based startup building privacy infrastructure for the internet, has named Lori Jones as its new chief executive officer. Jones, who most recently led enterprise sales at Cloudflare and spent nearly a decade scaling SaaS businesses, takes over a company that's betting privacy will become non-negotiable infrastructure — not a niche concern.

The appointment comes as privacy tech faces a make-or-break moment. Governments are tightening data protection rules. AI companies are scraping everything they can reach. And enterprises are realizing that compliance isn't optional anymore. Nym's mixnet technology — which scrambles metadata to prevent tracking — sits at the center of that shift. The question is whether Jones can turn cryptographic theory into enterprise contracts.

Jones replaces Harry Halpin, Nym's co-founder, who will transition to chief technology officer. Halpin, a former MIT researcher and W3C privacy standards contributor, built Nym's technical foundation but wasn't wired for the go-to-market grind. That's where Jones comes in. Her resume reads like a playbook for taking complex infrastructure and making it sellable: enterprise sales leadership at Cloudflare, go-to-market roles at Oracle and Salesforce, and a track record of closing seven-figure deals with Fortune 500 buyers.

"Privacy can't stay theoretical," Jones said in a statement. "The organizations I've worked with aren't asking whether they need privacy infrastructure anymore — they're asking how fast they can deploy it. Nym has the technology. My job is to make it accessible."

Nym's core product is a mixnet — a decentralized network that strips metadata from internet traffic. Unlike VPNs, which hide your IP address but leave timing and traffic patterns exposed, mixnets add noise and random delays to obscure who's talking to whom. The company claims its architecture makes surveillance effectively impossible, even for nation-state actors.

The tech works by routing encrypted packets through multiple nodes, mixing them with decoy traffic, and introducing random timing delays. By the time data exits the network, the link between sender and recipient is mathematically severed. It's the kind of design that cryptographers love and enterprise IT teams find baffling.

That's the gap Jones needs to close. Nym has raised over $30 million from investors including Andreessen Horowitz, Polychain Capital, and Digital Currency Group, but capital alone won't solve the translation problem. Most enterprises still think privacy means "we encrypt data at rest." Convincing them they also need to hide metadata — and that doing so doesn't break performance — is a different pitch entirely.

The company points to a handful of early use cases: blockchain validators hiding transaction origins, messaging apps adding metadata protection, and AI companies preventing model query tracking. None of those markets are mainstream yet. But if AI regulations start requiring audit trails that prove user data wasn't leaked in training sets, mixnets could become mandatory infrastructure overnight.

Jones didn't come from crypto. That might be the point. Her career has been spent selling infrastructure to people who don't care about the underlying protocols — they care whether it works, whether it scales, and whether their legal team will approve it. At Cloudflare, she led enterprise sales during the company's fastest growth period, helping land customers like IBM, Cisco, and the U.S. Department of Defense.

Before Cloudflare, Jones spent five years at Oracle building out its cloud sales organization and another three years at Salesforce during its push into the Fortune 500. She knows how procurement works. She knows how to navigate multi-quarter sales cycles and compliance committees. And she knows that no enterprise buyer wakes up excited about decentralized mixnets — they wake up worried about GDPR fines and AI compliance audits.

Her LinkedIn describes her management style as "low-tolerance for ambiguity" — which sounds like exactly what a founder-led crypto project might need at this stage. Nym has been live since 2021, but it's still operating mostly in proof-of-concept mode. The mainnet exists. The node operators are running. The token has some liquidity. But the revenue model remains fuzzy, and the customer pipeline is thin.

Jones' first priority, according to people familiar with the company's strategy, is building repeatable revenue. That means productizing Nym's SDK, creating pricing tiers that make sense to enterprise buyers, and establishing reference customers that aren't blockchain companies. It also means hiring a sales team that can explain mixnets without using the word "cryptographic" in the first five minutes.

Nym isn't alone in betting that privacy tech is about to become critical infrastructure. Over the last 18 months, funding for privacy-focused startups has spiked. Fhenix raised $15 million for fully homomorphic encryption infrastructure. Inco Network secured $4.6 million for confidential computation on Ethereum. Oasis Labs pulled in $45 million to build privacy-preserving AI tools. Investors are circling the space, convinced that the next wave of regulation will make privacy tooling mandatory.

The regulatory momentum is real. The EU's AI Act includes provisions requiring companies to prove training data wasn't improperly accessed. The U.S. executive order on AI calls for auditable privacy controls. China's Personal Information Protection Law imposes strict metadata handling rules. Compliance isn't optional anymore — it's the cost of doing business.

But privacy infrastructure still faces a branding problem. For most executives, "privacy tech" conjures images of dark web markets and whistleblowers, not enterprise SaaS. VPNs have terrible reputations in IT departments. Zero-knowledge proofs sound like magic. And mixnets? Most people have never heard the term.

That's the education gap Jones needs to bridge. The technology might be elegant. The cryptographic proofs might be bulletproof. But none of that matters if enterprise buyers don't see a line item in their compliance checklist that says "deploy mixnet."

Nym operates a blockchain-based network powered by the NYM token, which is used to incentivize node operators and pay for privacy services. That introduces a layer of complexity most enterprise buyers would prefer to ignore. Tokens mean volatility. They mean crypto compliance. They mean explaining to the CFO why the company needs to hold digital assets to buy privacy infrastructure.

The biggest question hanging over Jones' appointment is timing. Is the market ready to pay for metadata privacy, or is Nym two years early? Infrastructure companies live and die by timing. Too early, and you burn cash evangelizing. Too late, and incumbents have already locked in the market.

Nym's bet is that AI is the forcing function. As language models scrape the internet and companies rush to deploy agents, metadata leakage becomes a liability. If an AI assistant queries your internal systems, who sees those queries? If a model uses your data for training, how do you prove it didn't leak to competitors? These aren't theoretical concerns — they're showing up in enterprise RFPs right now.

The company also points to blockchain as a near-term market. Validators need to hide transaction origins. DeFi protocols need to prevent front-running. Privacy coins are under regulatory fire, and mixnets offer a compliant alternative. It's a smaller market than enterprise AI, but it's cash-flow positive and available now.

Jones will need to balance both. Blockchain revenue can fund the business while enterprise contracts mature. But if Nym gets typecast as "crypto infrastructure," it'll struggle to break into Fortune 500 accounts later. The playbook is familiar: start niche, prove the tech works, then expand horizontally once compliance teams wake up.

The risk is that by the time enterprise buyers are ready, someone else has already built a simpler, less cryptographically pure solution that "good enough" privacy. History is littered with technically superior protocols that lost to products that just shipped faster and integrated easier.

Halpin's transition to CTO isn't a demotion — it's a recognition that Nym needs different leadership for its next phase. Halpin is a researcher at heart. He's contributed to W3C privacy standards, published academic papers on anonymity networks, and built Nym's technical architecture from scratch. But taking a research project and turning it into a business that pays salaries and renews contracts? That's not his skill set, and he knows it.

The CTO role lets Halpin focus on what he's good at: protocol development, standards engagement, and keeping Nym's technology defensible. Meanwhile, Jones handles the parts that don't involve whitepapers. It's the classic founder-operator handoff — less dramatic than a boardroom coup, more like a mutual acknowledgment that different stages need different people.

If Jones succeeds, Nym becomes the privacy layer enterprises didn't know they needed until regulation forced their hand. Reference customers emerge: a healthcare company using mixnets to anonymize patient queries to AI models, a financial institution hiding algorithmic trading patterns, a government agency protecting whistleblower communication channels. Revenue grows predictably. The sales team stops explaining what a mixnet is and starts closing deals.

If she doesn't, Nym remains a technically impressive project that never found product-market fit outside of crypto. The token loses liquidity. Node operators shut down. The technology gets cited in academic papers but ignored by enterprises. And in five years, some less elegant but more pragmatic solution captures the market because it integrated with existing tools and didn't require a PhD to deploy.

The middle scenario is the most likely: Nym carves out a niche in blockchain infrastructure and a handful of privacy-critical enterprise verticals, generates enough revenue to stay independent, but never breaks into the mainstream. That's not failure — it's just not the unicorn outcome investors are betting on.

Jones' hiring suggests Nym is betting on the high-upside case. You don't bring in a Cloudflare sales leader to manage a niche product. You bring her in because you think the market is about to crack open, and you need someone who knows how to scale when it does.

Nym's CEO appointment is a data point in a larger question: is privacy infrastructure finally becoming a category, or is it still a feature that gets bolted onto existing platforms? For the last decade, the answer has been "feature." AWS added encryption. Cloudflare added DDoS protection. Datadog added log anonymization. Nobody bought standalone privacy infrastructure — they bought the platform and got privacy as a checkbox.

That model worked when privacy was a nice-to-have. But if it becomes legally mandated — if you genuinely can't deploy AI models without provable metadata protection — then standalone infrastructure starts to make sense. The question is whether Nym can build fast enough to own that category before AWS decides to launch a mixnet service and price it at one-tenth the cost.

Jones will need to move fast. Privacy tech has a narrow window before it either becomes essential or gets commoditized. She's got the credibility, the experience, and the impatience. Whether she's got the market timing is the only question that matters.

And whether enterprises are finally ready to pay for something they've been ignoring for a decade.

Taking over Nym isn't just about selling software — it's about managing a decentralized network with its own governance complexities. The company operates a token-based incentive system, which means Jones will need to navigate node operator economics, token holder expectations, and the occasional governance drama that comes with decentralized infrastructure.

That's a different challenge than most SaaS CEOs face. At Cloudflare, Jones could focus purely on customer acquisition and retention. At Nym, she's also managing a community of node operators who have their own financial stake in the network's success. If token incentives don't align with enterprise needs, the network could degrade — and no amount of sales skill fixes that.

There's also the question of positioning. Does Nym market itself as a Web3 infrastructure company, or does it try to distance itself from crypto entirely and pitch as enterprise privacy tooling? The answer determines which conferences Jones speaks at, which VCs she pitches, and which buyers take meetings. Straddling both worlds is hard — and most companies that try end up trusted by neither.

Jones will need to pick a lane. The safe bet is to start with crypto-native customers, build revenue and case studies, then use that traction to crack enterprise accounts once privacy regulations force the conversation. But safe bets don't usually produce the outcomes early-stage investors are hoping for.

The ultimate measure of Nym's success won't be whether it becomes the most technically sophisticated privacy solution — it'll be whether it becomes boring. Infrastructure succeeds when it fades into the background. Nobody thinks about DNS anymore. Nobody debates which CDN to use. They just expect the internet to work.

Privacy infrastructure needs to reach that same level of invisibility. Enterprises should deploy Nym the same way they deploy SSL certificates — because it's required, because it's standard, because not having it would be negligent. That's Jones' job: take something cryptographically exotic and turn it into checkbox infrastructure.

It's a harder sell than it sounds. Cloudflare succeeded because DDoS attacks were visceral and obvious — your site goes down, you lose money, you buy protection. Metadata leakage is invisible until regulators fine you or a breach makes headlines. Jones will need to sell the problem before she can sell the solution.

But if she pulls it off, Nym becomes the infrastructure layer that makes AI and decentralized systems legally deployable. And that market — if it materializes — is worth building for.