If you haven't read about it already, Google has recently announced that they will be giving a ranking preference to HTTPS/SSL sites. So, you may be wondering: "Do I need to convert my site to HTTPS?"
As you can read in the linked article, Google says HTTPS is just one of many "signals", so the need to deploy SSL depends on how competitive your keywords are. If your keywords are very competitive and your competitors are quick to adapt, then you need it. Otherwise, well, you have to use your bestjudgment. Part of your decision process will include how difficult it is for you to deploy HTTPS. Buying and installing an SSL certificate can range from no big deal to impossible, depending on your hosting provider and skill-set.
Technically, day-to-day running your site under SSL it is not a big deal. One oddity that Google apparently hasn't taken into consideration in its "HTTPS everywhere" concept is that, due to technical limitations, each HTTPS site requires a dedicated static IP address. (Without HTTPS, many web sites can share an IP address with HTTP 1.1 host headers). The related downside is that we are running out of public IPv4 addresses. And, many hosts charge extra for static IP addresses. Additionally, the process of buying and installing an SSL certificate can be complicated (though some hosts will do this for you and/or have the process well automated). Finally, you'll want to make sure that all your host names properly redirect to the host name used in the SSL certificate (to avoid certificate name mismatch errors/warnings).
On a more general note, one that thing that bugs me about this is that I have personally had situations where, where for no obvious reason, Google's servers didn't trust a given SSL Certificate Authority's root certificate. In the particular case I remember, we were using Google Merchant Center to transfer product information to Google. As required by Google, we gave them a FTPS account their servers used to download our product data. After renewing an SSL certificate, the transfers stopped working. We did not change CAs and it was not obvious why the transfers suddenly weren't working, but eventually, we bought a new SSL certificate from a different vendor and FTPS started working again. My point is this: SSL trust isn't perfect - what if Google's crawlers can't access your site because of SSL trust problems (or other SSL quirks)? Or what if your visitor's browser can't access your site? SSL has advantages, but it adds additional complexity (and possibilities for things to go wrong) as well.