The question is ambiguous.
What kind of security do you have in mind?
Are you asking because of the messages about tainted kernel? That is because of the proprietary nvidia drivers you use.
Or are you asking about disabled secure boot?
The system does not get insecure through that - it’s only the boot process that is or is not “secure”.
You can remedy that, through quite some work.
For no benefit whatsoever though - IMO.
You hit the nail on the head, the OP needs to define what he means by the topic title…
That can be enabled via a kernel command-line option used in your bootloader, but is not required for normal operation except very few special purposes.
Anyhow the output of that command fwupdmgr security does NOT show if your system is secure or not, it just shows the results of some checks it does and provides info.
The red crosses in the suffix listing are all related to SecureBoot being disabled, which can be enabled in your UEFI-BIOS. But only do so if you use a signed boot loader ! (Else you will get a red screen with an error)
A safe baseline for security should be HSI-1. If your system isn’t at least meeting this criteria, you should adjust firmware setup options, contact your manufacturer or replace the hardware.
So you’re OKAY
Just as a reference on my system:
Host Security ID: HSI:INVALID:chassis[0xffffffff]
✔ ME manufacturing mode: Locked
✔ ME override: Locked
✔ Platform Debugging: Disabled
✔ SPI write: Disabled
✔ Supported CPU: Valid
✔ UEFI platform key: Valid
✔ UEFI secure boot: Enabled
✘ MEI version: Failed
✘ SPI BIOS region: Unlocked
✘ SPI lock: Disabled
✘ TPM v2.0: Not found
✔ IOMMU: Enabled
✔ Platform Debugging: Locked
✘ Intel BootGuard: Disabled
✘ Intel BootGuard ACM protected: Disabled
✘ Intel BootGuard OTP fuse: Disabled
✘ Intel BootGuard verified boot: Disabled
✘ Intel BootGuard error policy: Disabled
✘ Intel CET Enabled: Not supported
✘ Pre-boot DMA protection: Disabled
✘ Suspend-to-idle: Disabled
✘ Suspend-to-ram: Enabled
✘ Encrypted RAM: Not supported
✘ Intel SMAP: Not supported
Runtime Suffix -!
✔ Linux kernel lockdown: Enabled
✔ Linux swap: Disabled
✔ fwupd plugins: Untainted
✘ Linux kernel: Tainted
This system has a low HSI security level.
This system has HSI runtime issues.
The chasis is normal cause it’s a self-build computer, and the tainted kernel due to nVidia…