
99% of people if you tell them to go to website.com will type website.com into the address bar. This will send an unencrypted HTTP request on port 80, even if the site supports HTTPS. This initial navigation can be intercepted by a MITM and redirected, spoofed, whatever (coffee shop WiFi is a great example of where this could be dangerous). Making the default navigation use HTTPS negates this attack.

As a small side bonus, it also reduces navigation latency by several RTTs, as there is no longer the need for a connection to port 80 HTTP that only always gets redirected to HTTPS.



On relatively modern browsers, this is obviated if the DNS name you type into the browser has HSTS preload.

As well as preloading your corporate web site, HSTS preloading can be done hierarchically. For example, all of .google, .dev, and .foo are HSTS preloaded; sites in those TLDs don't have plaintext HTTP in modern browsers. Perhaps some day the US government will preload .gov.

(Plaintext HTTP still works for these names, a tool like curl doesn't obey HSTS -- it just can't be done in your web browser because it'll get upgraded to an HTTPS request)
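The two behaviours the comments above describe, as an added Python example that is not from either commenter: a browser-style upgrade of a typed http:// URL when the host, or a parent domain with includeSubDomains (a whole TLD such as .dev), is on the preload list, plus a check of a site's own Strict-Transport-Security header against the submission rules published by hstspreload.org. The preload list here is a constructed stand-in, and example.com is a hypothetical entry.

```python
from urllib.parse import urlsplit

# hstspreload.org requires max-age of at least one year (in seconds),
# includeSubDomains and the preload directive before a host is accepted.
PRELOAD_MIN_MAX_AGE = 31536000

# Constructed stand-in for the browser's built-in list: host -> whether the
# entry carries includeSubDomains. "dev" models the whole .dev TLD being
# preloaded; "example.com" is a hypothetical single-host entry.
PRELOAD_LIST = {"dev": True, "example.com": False}


def parse_hsts(header):
    """Parse a Strict-Transport-Security value into {directive: value}."""
    directives = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:  # directive names are case-insensitive
            directives[name.strip().lower()] = value.strip().strip('"')
    return directives


def preload_problems(header):
    """List the reasons a header fails the preload rules ([] = eligible)."""
    d = parse_hsts(header)
    problems = []
    if not d.get("max-age", "").isdigit():
        problems.append("missing or non-numeric max-age")
    elif int(d["max-age"]) < PRELOAD_MIN_MAX_AGE:
        problems.append("max-age below one year")
    if "includesubdomains" not in d:
        problems.append("missing includeSubDomains")
    if "preload" not in d:
        problems.append("missing preload directive")
    return problems


def upgrade_url(url, preload_list=PRELOAD_LIST):
    """Rewrite http:// to https:// when the host itself is preloaded, or any
    parent label is preloaded with includeSubDomains; else return url as-is.
    Explicit ports are left untouched to keep the example small."""
    parts = urlsplit(url)
    if parts.scheme != "http" or not parts.hostname:
        return url
    labels = parts.hostname.lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])  # host, then each parent suffix
        if candidate in preload_list and (i == 0 or preload_list[candidate]):
            return parts._replace(scheme="https").geturl()
    return url
```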



