Usually, marketing draws up visions of creating advertisements and convincing customers to buy your product. In reality, marketing starts far before that — when you are actually creating the product. This is one of the jobs of the tech product manager: to ensure that the products being prioritized are the same as the products the customer is interested in buying. This is not just relegated to tech, but also consumer packaged goods, financial services products, general services, and other things that people pay money for.
The problem is that we don't have a good grasp on what customers will pay money for. Swinging in the dark may have been useful before, but in the present day, markets are so competitive that you have to successfully plan ahead. We could ask customers what they want, and they may tell us, but that has less bearing on what they will actually buy than what we would prefer. Figuring out what they need has similar pitfalls — someone with three kids who lives in Buffalo, New York might need a car that can carry their children and tough through the immense snowfall, but they still could buy a Ford Mustang just because they feel like it.
When I was a product management intern, I learned about a framework for figuring out what customers want to pay for and frankly, it is ingenious. I love it so much because although plain and straightforward, it is instructive for people actually working at a company. It's called jobs-to-be-done. I won't explain it, instead, here is Clayton Christensen, the researcher who coined the term:
If you know what customers are going to use your product for, then you start to be able to know what could do that job. This lets you understand what your product competes against. At McDonald's, a milkshake isn't competing with an ice cream cone or a McFlurry — instead, it's competing against a banana or a cup of coffee. For a cybersecurity company, although your specific product may offer some form of improved security, that does not mean your direct competitor is other products of the same type. Other cybersecurity products which do the same job accomplish the same goal.