When talking about making a website secure, what that usually means is encrypting the connection between the web server and the computer accessing the website. This is done with an SSL certificate with your website hosting.
Having an SSL certificate for your website does not necessarily mean it's safe from being hacked. That's another issue. That has to do with keeping your website software (WordPress, Joomla, etc.) up to date and doing certain tasks to "harden" your website security. That's very much separate from making the connection secure.
When you have an SSL certificate on your website, technically speaking, the port switches from port 80 to port 443 on the server. It then encrypts all text and images to and from the website. You typically have to pay extra for this.
To add an SSL certificate to your website, you should talk to your website host. They can help you either add a certificate you've purchased to your hosting or they can take care of buying the SSL certificate and adding it to your hosting - as well as taking care of renewing it for you. If you host with Webstix, we prefer that we buy the certificate for you, install it and maintain it. We sell this service for $120/year ($10/month).
Next, you'll need to make sure you force all pages to be SSL. This needs to be done site wide and then tested. Google prefers that websites use SSL for all pages.