Do you have a secure website? If it starts with HTTP ... it is NOT secure and that is definitely a big no-no, even if you don't offer e-commerce.
In years past, a security certificate was only needed if you were collecting credit card or other sensitive data on your website. In fact, the "S" in HTTPS stands for "secure." Your browser should also display a padlock icon to the left of the address bar if the site you're visiting is secure. If your site is NOT secure (does not start with HTTPS), Chrome, Firefox and other browsers display an obvious warning that the user is trying to visit an unsecured site. Some security settings may block access to those sites altogether. So you're harming your ability to get website traffic and leads if you haven't updated your security protocol. In addition, you're harming your SEO as Google penalizes sites (lower search rankings) that still use HTTP, which means it's harder for potential clients and candidates to find your website when they're doing searches.
Some domain providers include a free security certificate. You can purchase them for as little as US $10 (it's easy to get oversold, so start by asking your domain provider for help!). Your web developer will need to install the certificate, create appropriate redirects and do a few other checks on your site to make sure everything is correctly set up and functioning. This is probably in the range of USD $200-$300 from most developers, so it's not terribly cost-prohibitive and also doesn't take very long. Here's a good article for more info.
If you haven't taken care of converting your site to HTTPS, make it a priority to do so!