Security by design in AI requires establishing risk-informed requirements at the earliest stages of the lifecycle and systematically translating them into architectural controls. Conducting AI-specific threat modeling before deployment is the highest-leverage action because it identifies assets (data, models, pipelines), trust boundaries (feature stores, training/inference services), threat events (poisoning, evasion, model extraction), and attack paths unique to ML systems. The outputs (abuse/misuse cases, control objectives, verification plans) then drive selection and prioritization of controls such as privacy-enhancing techniques, access controls, isolation, monitoring, and assurance testing. While differential privacy (C) is a strong control for leakage risk, it is one control choice among many and should be selected as a result of threat modeling. IP allow lists (B) and container segmentation (A) are valuable hardening measures but are narrower and do not replace the lifecycle-wide governance and design traceability that threat modeling enables.