This work develops a two-phase secure integrated sensing and communication (ISAC) framework, where a dual-function transmitter (Alice) detects the presence of a potential eavesdropper (Eve) as a sensing target in the first phase. In the second phase, Alice adapts her secure transmission strategy based on the sensing outcome of the first phase. A distinct aspect of our developed two-phase framework is the derivation of the overall effective secrecy rate across both phases. In our proposed framework, for system design, we aim to maximize the overall effective secrecy rate subject to Alice’s average transmit power over the two phases remaining below a predetermined threshold. To address the resulting non-convex design problem, an algorithm based on semi-definite relaxation (SDR) and double-layer optimization is proposed. In addition, two low-complexity solutions are developed to simplify the design of the transmit beamforming in the first phase. Our numerical results show that the proposed two-phase secure ISAC framework significantly enhances the secrecy rate compared to a conventional physical layer security (PLS) system if Eve is present with a low probability. This explicitly shows the effectiveness of exploiting sensing for enhancing the security of wireless communications.