My site of about 14,000 purely informational pages was HTTP because I saw no reason for HTTPS. Even Google Webmaster said I had no security issues.
Then in July 2018 my inquiries started dropping from 5 or more per day. A year later I was only getting 2 inquiries per WEEK, a horrendous drop from the year before. I knew there was something wrong, but it took me 10-1/2 months of digging before I found the problem. Chrome was flagging all of my pages as insecure. Since Chrome has about 60% of the market, that flagging hit me hard.
Once I found the problem, it took me another six weeks to fix it. On the last Monday of June 2019 I was finally up and working with HTTPS. Within ONE HOUR I had 5 inquiries, a far cry from the TWO inquiries the week before with HTTP. And ever since my inquiries have ranged from 5 to 10 PER DAY.
For purely informational pages there is no reason to have anything more costly than FREE LetsEncrypt security for a website. However, not all hosts allow it to be used. GoDaddy, for example, WILL allow FREE LetsEncrypt, BUT they will charge you $175 per year and NOT allow you to install it yourself. As a result, I was forced to jettison GoDaddy as my host and moved to a host that includes FREE LetEncrypt security as part of their hosting plan.
Also, according to what I read, Chrome will BLOCK all HTTP pages starting next January. At that point over 60% of all potential visitors will NEVER be able to see your site.