You start with something secure and rudimentary and add features over time.
You don't start with something unsecure and then add security to it.