If you suspend, you are vulnerable to reading decryption key from RAM (firewire, ram freezing). If you are doing full disk encryption, then only shutdown or hibernate are secure.
My encryption key doesn't live in RAM because I use TRESOR. It's hidden in the debug registers of my CPU. There is still going to be other sensitive information in RAM though which I wouldn't want to be accessed.
