Think of NAT (Network Address Translation) as the receptionist of a very private office building.
You have 50 computers (private IPs), but your ISP only gave you 1 Public IP address. How do they all talk to the internet at once?
The NAT Gateway stands in the middle. It takes outgoing mail, stamps its own "Public" address as the sender, and remembers who sent it.
See how your Private IP (10.0.0.5) gets rewritten to a Public IP before hitting the internet.
Since your laptop has a private IP (10.x.x.x), the internet literally cannot route to you directly. Hackers can scan the NAT Gateway, but they can't touch your laptop unless the NAT lets them in.
There are only ~4 billion IPv4 addresses. If every toaster and phone needed a public one, we'd have run out in the 90s. NAT lets thousands of devices hide behind one Public IP.