It’s becoming more important for websites to have a security certificate – the padlock symbol shows when there’s a certificate – in order to help visitors confirm that you’re a genuine site.
In the past certificates were only required for sites that handled sales, but that situation has changed and most browsers will now advise website visitors that the site (they are visiting) is not secure, regardless of the site’s purpose or ownership, if no certificate is installed.
Time to put my own hand up here, I finally sorted out a certificate for this site https://paulturvey.co.uk this morning but that also (in my case) meant moving the website between suppliers.
For new sites that I manage adding a certificate is an option at setup time that adds a modest fee to the total charge for hosting. If you already have hosting it’s down to the hosting provider how much that will cost (which was one reason for my relocation 
)
)