Ever since I have been involved in any kind of web development and web technologies, having a secure website running over HTTPS (which is nowadays actually TLS) was a really difficult task. It required very specific knowledge about web servers, about certificate creation and installation, a very specific sequence of steps and a lot of money to renew the certificate(s) every year.
Having a web site served securely was something for the big sites, and the ones who’s services required it (such as banks). However, the last few years have seen a ton of data leaked and services breached. It has almost become an accepted reality that your online data will be sold, leaked or otherwise distributed around the net. These leaks mean that the data you share on the Internet should ideally be secure from end to end, to at least minimise some of the risk.