Executive summary The United States National Institute of Standards and Technology (NIST) has approved certain standard algorithms for post-quantum cryptography (PQC). These standards set the baseline for encryption and authentication in the age of quantum computers. Although NIST has not officially approved any hybrid algorithms, hybrids are widely used in the industry and can be compliant in the context of Federal Information Processing Standard (FIPS) 140 validation. Most countries agree that organizations should aim for full quantum resistance by 2035. While most countries agree on the overall approach for PQC, they disagree on recommended or required algorithms and the use of combination post-quantum/traditional (PQ/T) algorithms. Most governments, including the U.S. and U.K. governments, recommend against using quantum key distribution, and instead favor the use of post-quantum cryptography. The adoption of post-quantum cryptography (PQC) has become a critical mandate for organizations of all sizes.…