A SuiteLet has a few uses, for instance you can create a form and allow the logged in user to access it, you cannot do that with a RESTlet. (yes you can also give access to a non-user if you deploy it that way and they have a link to the SuiteLet)
You could for example use a Suitelet in a popup window.
You can use a SuiteLet as a simple way to retrieve data for a client script.
If you develop an Email plugin, these are SS1.0 only and you are limited to an extent by that, for instance you cannot hang a map/reduce off the plugin directly as SS1.0 has no knowledge of map/reduce scripts so in that instance you can call an SS2.0 SuiteLet that could create the map/reduce task.
Generally speaking I would say, if you have an external entity accessing NetSuite that isn't a direct NS user on the system RESTlets with tokens is the way to go.