Based on your description for the "security" part, one would really eliminate 99% of the exchanges out there, because that's how many platforms has been compromised in the past:
https://de.fi/rekt-databaseSecurity is obviously very important obviously, but when you dealing with large exchanges, that usually doesn't really affect the user experience because the exchange (Binance, Bybit or OKX to name a few) coud easily reimburse their users and continue operating as if nothing happened. I think what's more important is data leaks and user's personal information's.
Transparency and communication are very important too. We all understnad that exchanges have to follow certain rules and regulations, that's fine but if your account is froze because of a transaction you received, and then you end up going back and fourth with the exchange for weeks, or months... that's obviously not the way to go by things.