For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by graduallymarking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
Read more on the official Google Chrome blog.
To be clear HTTPS doesn’t make your website “secure”, but it does make it MORE secure than HTTP. My guess is in most cases this is a server-setting not an actual programatic change, although depending on how your site is programmed…