Millimeter-wave (mmWave) communication systems utilize phased-array antennas to generate highly directional beams, effectively reducing the signal footprint. Nonetheless, eavesdropping, particularly within the main-lobe, remains a significant concern. This paper introduces BeamSec, a novel beam hopping approach to maximize absolute secrecy rates with no information about the Channel State Information (CSI) or location of the eavesdroppers. Methodologically, BeamSec identifies diverse beam-pairs between transceivers by analyzing signal characteristics, such as Angle of Departure (AoD) and Angle of Arrival (AoA). To prevent the complete message from being eavesdropped, BeamSec splits and encodes data between selected beams. Depending on the availability of full/partial or transmitter (TX)/receiver (RX)-only channel knowledge, Beam-Sec optimizes time allocation using analytical models. Our experimental validation using an 802.11ad-compatible 60 GHz phased-array testbed demonstrates a significant increase in absolute secrecy rate showcasing resilience against at least four colluding eavesdroppers. Specifically, BeamSec demonstrates a non-zero absolute secrecy rate even for the simplistic uniform time allocation approach. Radio map (partial channel knowledge) and known room geometry (instantaneous TX/RX) based schemes provide further improvement of 124.8% and 58.13%, respectively, as compared to uniform time allocation.