This is a good time to remind everyone that the technically sound choice of hybrid crypto is discouraged by the NSA. I wish they didn't. PQ is a major overhaul to crypto systems. Setting aside the risk of yet-to-be-discovered algorithmic vulnerabilities, there is a huge risk of implementation mistakes leading to compromise. Mature classical crypto should be used as a backstop by deploying PQ in hybrid mode alongside classical crypto.
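As an added illustration of the "classical crypto as a backstop" idea (example code, not from the commenter or any named product): a concatenation-style KEM combiner that feeds both shared secrets through one KDF, so the session key stays secret as long as either the classical or the PQ KEM holds up. The HKDF helpers follow RFC 5869; the fixed 32-byte secret length, the salt label and the info string are this example's own assumptions, and the secrets themselves are constructed placeholders standing in for real X25519 and ML-KEM outputs.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA256."""
    if not salt:
        salt = bytes(HASH().digest_size)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) || info || i)."""
    out = b""
    block = b""
    counter = 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hybrid_combine(ss_classical: bytes, ss_pq: bytes,
                   transcript: bytes, length: int = 32) -> bytes:
    """
    Concatenation combiner (assumed design, not a specific standard's text).

    Both shared secrets go into one KDF, so an attacker who can recover only
    one of them (say, the PQ KEM turns out to be broken) still lacks the key.
    Fixed-length inputs keep the concatenation unambiguous, and the handshake
    transcript is bound in so that mixing up messages changes the derived key.
    """
    if len(ss_classical) != 32 or len(ss_pq) != 32:
        raise ValueError("shared secrets must be exactly 32 bytes")
    ikm = ss_classical + ss_pq
    prk = hkdf_extract(b"hybrid-kem-combiner-v1", ikm)   # assumed label
    info = b"hybrid session key" + hashlib.sha256(transcript).digest()
    return hkdf_expand(prk, info, length)


if __name__ == "__main__":
    # Constructed placeholders: in practice these come from X25519 and ML-KEM.
    ss_classical = os.urandom(32)
    ss_pq = os.urandom(32)
    transcript = b"client_pk || server_ct || ..."   # constructed
    key = hybrid_combine(ss_classical, ss_pq, transcript)
    # Swapping either secret for attacker-known junk yields an unrelated key.
    assert key != hybrid_combine(ss_classical, bytes(32), transcript)
    assert key != hybrid_combine(bytes(32), ss_pq, transcript)
    print(key.hex())
```

Design note: the combiner is only as good as its weakest structural link, so it matters that each secret is a fixed size (no ambiguity in `ss_classical + ss_pq`), that the transcript is bound, and that the KDF is a PRF in both halves of the input; splicing a PQ secret into an existing classical key schedule as an afterthought is exactly the kind of implementation mistake the comment is warning about.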


Isn't the point of hybrid crypto the possibility that these fancy new quantum-resistant algorithms have a fatal flaw? If so, I could understand why the NSA has that stance (if you don't trust the crypto, it's useless), but realistically it's a good idea.


That's not how we approach security. We don't think in terms of "trust" in an algorithm. We think in terms of risk management. It's not uncommon for new algorithms and approaches to have algorithmic or implementation flaws. That is a risk. One of the mitigations we often consider is adding another layer of defense.


Who is "we"? Because, for example, the DoD doesn't agree with you. It's very much either crypto is "trusted" or it's useless.

See NIST with the whole FIPS-142/3 debacle where they outright state that "non-certified" crypto is no better than plaintext.


Source for the NSA's stance?
